Security News for Everyone – Telegram

Security News for Everyone

@SeguridadInformatica

8.11K subscribers

223 photos

2 videos

30 files

9.42K links

Canal dedicado a noticias de Seguridad Informática en todos sus ámbitos, free, 24h x 365. Contacto/Contact: secnews4everyone@protonmail.com

Referencias:
https://goo.gl/uhfXtE
https://goo.gl/XvBaes

Download Telegram

About

Blog

Apps

Platform

Security News for Everyone

8.11K subscribers

Security News for Everyone

Forwarded from Derecho de la Red

⚠️ "Nuevos problemas para Android: detectan 85 apps en la Play Store que estaban robando tus contraseñas"

#GooglePlay #Android #Malware
https://www.redeszone.net/2017/12/13/apps-android-roban-contrasenas/

Encuentran 85 apps en la Play Store que roban contraseñas en Android

Expertos de seguridad encuentran 85 aplicaciones más en la Play Store, con millones de descargas, que robaban las contraseñas de los usuarios.

7 views20:05

Security News for Everyone

https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html

Google Cloud Blog

TRITON Malware | Attackers Deploy New ICS Attack Framework | Google Cloud Blog

TRITON malware is a new attack framework built to interact with Triconex SIS controllers and causes operational disruption to critical infrastructure.

1.43K views20:06

Security News for Everyone

https://lab.wallarm.com/the-good-the-bad-and-the-ugly-of-safari-in-client-side-attacks-56d0cb61275a

👉The Good, The Bad and The Ugly of Safari in Client-Side Attacks

In this post, we will take a look at the possibility of a XSS exploit and a cookie compromise stemming from “unusual” Safari behavior.👍

1.23K views20:07

Security News for Everyone

https://www.thezdi.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair

Zero Day Initiative

Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair

UPDATE: After the initial publication of this blog, an official Belkin spokesperson reached out to the ZDI to confirm this bug is being fixed. They stated DirecTV/AT&T will be addressing this through WVB Firmware version 1.0.41. The firmware is rolling out…

1.2K views20:07

Security News for Everyone

https://gitlab.com/nowayout/yara_sweeper

nowayout / yara_sweeper

Yara Sweeper for Incident Response

1.19K views20:07

Security News for Everyone

https://oddvar.moe/2017/12/13/harden-windows-with-applocker-based-on-case-study-part-1/

Oddvar Moe's Blog

Harden Windows with AppLocker – based on Case study part 1

This blogpost is actually a tribute to Matt Graeber’s request from twitter. Since I have learned so much stuff from that guy, I take these sort of request really seriously. In my post …

1.19K views20:07

Security News for Everyone

https://medium.com/@clong/introducing-detection-lab-61db34bed6ae

Introducing: Detection Lab

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

1.23K views20:08

Security News for Everyone

https://www.twistlock.com/2017/12/13/hiding-content-git-escape-sequence-twistlock-labs-experiment/

Unit 42 - Latest Cyber Security Research | Palo Alto Networks

This post is also available in: 日本語 (Japanese)

1.26K views20:08

Security News for Everyone

http://seclists.org/fulldisclosure/2017/Dec/38

Full Disclosure: CVE-2017-15944: Palo Alto Networks firewalls remote root code
execution

1.39K views20:08

Security News for Everyone

https://diablohorn.com/2017/12/12/attacking-encrypted-systems-with-qemu-and-volatility/

attacking encrypted systems with qemu and volatility

Lately I’ve had to deal with setups which had transparent full disk encryption and were pretty hardened. If you are wondering what ‘transparent full disk encryption’ means, that&…

1.7K views20:08

Security News for Everyone

#Venezuela #Bitcoin

https://dolartoday.com/atencion-polilara-quien-mine-criptomonedas-comete-ilicitos-cambiarios-y-va-la-carcel/

¡ATENCIÓN! PoliLara: Quien mine criptomonedas comete ilícitos cambiarios y va a la cárcel

Dentro de un galpón en la calle 35 entre carreras 20 y 21, en el centro de Barquisimeto, una comisión del Servicio de Investigaciones Penales del Cuerpo de

1.96K views20:44

Security News for Everyone

https://krebsonsecurity.com/2017/12/mirai-iot-botnet-co-authors-plead-guilty/

1.87K views22:45

Security News for Everyone

Forwarded from Deleted Account

F.C.C. Repeals Net Neutrality Rules (Score: 168+)

Link: http://j.mp/2AsJiQI

F.C.C. Repeals Net Neutrality Rules

In a 3-to-2 vote along party lines, the agency scrapped Obama-era rules meant to protect an open internet.

2.42K views23:09

Security News for Everyone

ROBOT es una variación de una vulnerabilidad que lleva 19 años presente en RSA - MuySeguridad
https://www.muyseguridad.net/2017/12/14/robot-vulnerabilidad-19-anos-rsa/

ROBOT es una variación de una vulnerabilidad que lleva 19 años presente en RSA

ROBOT es una variación de una vulnerabilidad que descubierta hace 19 años en el protocolo de cifrado RSA que no fue bien resuelta.

1.81K views08:36

Security News for Everyone

Forwarded from vulners

URGENT! Two Critical 0-Day Remote Exploits for the Latest Version of #vBulletin Forum Disclosed Publicly—NO PATCH Available - Remote Code Execution Vulnerability

Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server.

The vulnerabilities affect version 5 of the vBulletin forum software and are currently unpatched. Beyond Security claims, it tried to contact vBulletin since November 21, 2017, but received no response from the company.

Read more at Vulners by THN

2.76K views11:04

Security News for Everyone

https://github.com/peewpw/Invoke-PSImage

GitHub - peewpw/Invoke-PSImage: Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute - peewpw/Invoke-PSImage

1.48K views14:52

Security News for Everyone

https://core.trac.wordpress.org/ticket/39309#comment:21

1.46K views14:53

Security News for Everyone

Remote LD_Preload explotation https://www.elttam.com.au/blog/goahead/

1.43K viewsedited 14:53

Security News for Everyone

https://secdevops.ai/theres-no-place-like-1-enumerating-local-ipv6-networks-88a6247e3519

1.43K views14:53

Security News for Everyone

https://pentesterslife.blog/2017/12/18/custom-x64-encoder-with-a-basic-polymorphic-engine-implementation/

Pentester's life

Custom x64 encoder with a basic polymorphic engine implementation

I’ll develop a python encoder that will XOR the payload, byte by byte, with a randomly generated byte value, and also generate a polymorphic stub in x64 to decode that payload, by brute-forci…

1.3K views14:54

Security News for Everyone

https://bitrot.sh/cheatsheet/14-12-2017-pivoting/

What Is A Python Library?

Simplified Life

1.2K views14:54