🔵Security Announcement Regarding the Remote Command Execution Vulnerability in Sangfor's Terminal Detection Platform (EDR)

https://dailycve.com/security-announcement-regarding-remote-command-execution-vulnerability-sangfors-terminal-detection

🔵Patch for Jiransecurity Spamsniper buffer overflow vulnerability:

https://dailycve.com/patch-jiransecurity-spamsniper-buffer-overflow-vulnerability

If leaks of sensitive knowledge happen... After a business, five steps to take.
#CyberAttacks

AI chatbot'Achieved ', the cornerstone of several scandals, is increasing questions regarding the disclosure of personal knowledge.
#International

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🔍 Monitoring Linux system resources with SAR (System Activity Report) ::

🔍 Installing Bashtop - Monitoring Resources From Terminal For Linux | macOS | FreeBSD

SAR or System Activity Report is used to monitor Linux system resources.

It can be used to generate reports related to system performance, i.e. CPU reports, memory reports, disk reports, etc.

🔍 Installing Sensu Go Monitoring Tool on CentOS 8 / RHEL 8

It stores reports as logs on your system.

In this guide, we will learn about system resource monitoring with SAR with some examples, but first, we will install SAR on our system.

🔍 Installing and Configuring Checkmk on CentOS 8 and Monitoring Linux Hosts with Checkmk Agent

Installation
The SYSSTAT package is required to install the SAR utility on a system.
To install sysstat, run:
$ yum install sysstat
Now start and enable the sysstat service to start using SAR,
$ systemctl start sysstat
$ systemctl enable sysstat
After activating the service, log files for the current day will be created in the “/ var / log / sa” folder in the “sa15” file, where 15 is the current date.

Older files will be archived.

We can also change the number of days for which we keep our log files by changing the "HISTORY" parameter in the sysstat configuration file, for example, "/ etc / sysconfig / sysstat".

SAR utility syntax
The syntax for using sar is:

$ sar option interval (in seconds) number of records
An example would be:
$ sar 2 5
In this example, sar will provide a report generated at 2 second intervals with a total of 5 records.
Examples of SAR use
Generating a CPU report
Sar command to generate CPU report:

$ sar -u 2 5
Generating a memory report
The parameter used with sar to generate a memory report is "-r"
$ sar -r 2 5
Generating device statistics
The device report generation option is "-d" and it is used with "-p" to make the report in a readable format,

$ sar -d -p 2 5
Generating a SWAP Usage Report
Ability to generate a SWAp memory report for the system - "-S",

$ sar S 2 5

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵Patch for FFmpeg 4.3.1 buffer overflow vulnerability :

https://dailycve.com/patch-ffmpeg-431-buffer-overflow-vulnerability

🔵Lianyi Technology Co., Ltd. identity authentication management system account complaint function has logic flaws and loopholes :

https://dailycve.com/lianyi-technology-co-ltd-identity-authentication-management-system-account-complaint-function-has

we respect whatsapp.com rules,about privacy and more...

(their app,their rules) we start some groups with signals & some new whatsapp groups some links


https://signal.group/#CjQKIEVV_LbRFyu3heIcYY_Phu4vjucrk7Hs7KvuAm4t_dkUEhBYgipLGas0IDTViu8syG8E


https://signal.group/#CjQKIJ7UR76KOv9WEwS1XZUn3X3e1DW43NVh313UnNhPYkB4EhBp5RVr-tK8UTxH-_ZMCOCV

https://signal.group/#CjQKIGVy0pCubRyrW4jjrEXdF9PZazKNAc5DV_CRy36dM30xEhDl5WNlUHsE9RZ7ZH9TaHaX


https://chat.whatsapp.com/L6LCpMg25yy9YBM5k1ZN2g

To save device power, Android 12 or let unused apps sleep.
#Updates

Twitter and Facebook blocked by a U.S. Internet service provider.
#Ban

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Hack with android malwares tutorials :

» Android-Reports-and-Resources(https://github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md)

>> android-security-awesome(https://github.com/ashishb/android-security-awesome)

>> Android Penetration Testing Courses(https://medium.com/mobile-penetration-testing/android-penetration-testing-courses-4effa36ac5ed)

>> Lesser-known Tools for Android Application PenTesting(https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-
android-pentest.html)

>> android-device-check - a set of scripts to check Android device security configuration(https://github.com/nelenkov/android-device-check)

>> apk-mitm - a CLI application that prepares Android APK files for HTTPS inspection(https://github.com/shroudedcode/apk-mitm)

>> Andriller - is software utility with a collection of forensic tools for smartphones(https://github.com/den4uk/andriller)

>> Dexofuzzy: Android malware similarity clustering method using opcode sequence-Paper(https://www.virusbulletin.com/virusbulletin/2019/11/dexofuzzy-android-malware-similarity-clustering-method-using-opcode-sequence/)

>> Chasing the Joker(https://docs.google.com/presentation/d/1sFGAERaNRuEORaH06MmZKeFRqpJo1ol1xFieUa1X_OA/edit#slide=id.p1)

>> Side Channel Attacks in 4G and 5G Cellular Networks-Slides(https://i.blackhat.com/eu-19/Thursday/eu-19-Hussain-Side-Channel-Attacks-In-4G-And-5G-Cellular-Networks.pdf)

>> Shodan.io-mobile-app for Android(https://github.com/PaulSec/Shodan.io-mobile-app)

>> Popular Android Malware 2018(https://github.com/sk3ptre/AndroidMalware_2018)

>> Popular Android Malware 2019(https://github.com/sk3ptre/AndroidMalware_2019)


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵Multiple vulnerabilities in OMRON CX-One:

https://dailycve.com/multiple-vulnerabilities-omron-cx-one

🔵DLL loading vulnerability in SKYSEA Client View installer:

https://dailycve.com/dll-loading-vulnerability-skysea-client-view-installer

He mistakenly regained 127 bitcoins lost 8 years ago and wanted to make 4 million US dollars to invest in US stocks.
#International

The Internet of Things transition to Russian hardware has been delayed for a year. Just 2 producers per country are present.
#International

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to sync files and directories on Linux and Windows using Zaloha.sh ?

Installing Zaloha is trivial.

Just download the Zaloha.sh file from the GitHub repository and move it to your $ PATH, for example / usr / local / bin /.

Git clone the Zaloha repository and move the Zaloha.sh file to your $ PATH using the commands:

$ git clone https://github.com/Fitus/Zaloha.sh.git
$ sudo mv Zaloha.sh/Zaloha.sh /usr/local/bin/zaloha.sh
Finally, make it executable:
$ sudo chmod + x /usr/local/bin/zaloha.sh
On Windows, download the script to a suitable local directory.
I decided to put it in the C: \ TOOLS directory.

On Windows, CygWin must be installed as an additional step.

I have already installed CygWin on my laptop.
If you haven't installed CygWin yet, check out the official installation instructions.
Synchronizing files and directories in Linux with Zaloha.sh
Typical uses for Zaloha.sh are as follows.

$ zaloha.sh --sourceDir = <path_to_dir> --backupDir = <path_to_dir>
Let me show you a simple example.

I'm going to create two directories, namely test1 and test 2.

$ mkdir test1 test2
I have two text files named file1 and file2 in the test1 directory.

$ ls test1 /
file1 file2
And the test2 directory is empty.

Now I'm going to sync the test1 and test2 directories using Zaloha:

$ zaloha.sh --sourceDir = test1 / --backupDir = test2 / --color
Press "y" to continue.

Output example:

ANALYZING ./test1/ AND ./test2/
============================================
Parsing .............................................. done.
find ./test2/.Zaloha_metadata/ -path ./test2/.Zaloha_metadata/999_mark_executed -printf '/// \ tL \ t% y \ t% s \ t% Ts \ t% F \ t% D \ t% i \ t% n \ t% u \ t% g \ t% m \ t% P \ t /// \ t% l \ t /// \ n '
find ./test1/ -path ./test1/.Zaloha_metadata -prune -o -ipath './test1/$RECYCLE.BIN' -prune -o -path './test1/.Trash- [0-9] *' -prune -o -path ./test1/lost+found -prune -o -printf '/// \ tS \ t% y \ t% s \ t% Ts \ t% F \ t% D \ t% i \ t% n \ t% u \ t% g \ t% m \ t% P \ t /// \ t% l \ t /// \ n '
find ./test2/ -path ./test2/.Zaloha_metadata -prune -o -ipath './test2/$RECYCLE.BIN' -prune -o -path './test2/.Trash- [0-9] *' -prune -o -path ./test2/lost+found -prune -o -printf '/// \ tB \ t% y \ t% s \ t% Ts \ t% F \ t% D \ t% i \ t% n \ t% u \ t% g \ t% m \ t% P \ t /// \ t% l \ t /// \ n '
Cleaning ............................................. done.
Checking ............................................. done.
Sorting (2) .......................................... done.
Differences processing ...............................
Zaloha AWK: Warning: No last run of Zaloha found (this is OK if this is the first run)
done.
Sorting (3) .......................................... done.
Post-processing and splitting off Exec1 and Exec4 .... done.
Sorting (4) and selecting Exec2 ...................... done.
Preparing shellscript for Exec1 ...................... done.
Preparing shellscript for Exec2 ...................... done.
Preparing shellscript for Exec4 ...................... done.
Preparing shellscript to touch file 999 .............. done.
Preparing shellscripts for case of restore ........... done.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔵Security bulletin regarding remote code execution vulnerabilities in Windows DNS Server:

https://dailycve.com/security-bulletin-regarding-remote-code-execution-vulnerabilities-windows-dns-server

🔵Patch for FUEL CMS cross-site scripting vulnerability:

https://dailycve.com/patch-fuel-cms-cross-site-scripting-vulnerability

🔵Patch for FUEL CMS SQL injection vulnerability:

https://dailycve.com/patch-fuel-cms-sql-injection-vulnerability

Intel's Mobileye: It is possible to popularize completely autonomous driving by 2025.
#Technologies

The expansion of Airspan in the UK aims to fill the 5G gap left by Huaweii.
#International