#Apache #Struts #vulnerability
http://feedproxy.google.com/~r/TheHackersNews/~3/avE1jcuW1IY/apache-struts-vulnerability.html
https://isc.sans.edu/diary/rss/22788
The Hacker News
Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers
A Critical remote code execution vulnerability (CVE-2017-9805) has been discovered in Apache Struts web application framework
#USB #RubberDucky low cost original
https://thehackerway.com/2017/09/05/vuelve-el-patito-low-cost-ahora-grazna-como-un-usb-rubber-ducky-original/
Seguridad en Sistemas y Técnicas de Hacking. TheHackerWay (THW)
The low-cost duckling is back, now quacking like an original USB Rubber Ducky
About the authors: Ernesto Sánchez (@ernesto_xload) and Joel Serna (@JoelSernaMoreno) are computer security consultants who have taken part in events such as: Navaja Negra, MorterueloCON and Eastm…
📃 "WhatsApp's vulnerability lies in its policies" https://www.derechosdigitales.org/10831/la-vulnerabilidad-de-whatsapp-esta-en-sus-politicas/
#Whatsapp
⚠️[ALERT] @bbva is being impersonated in this malicious email. #Nocliques #Nopiques and block the domain bbvadocs.es https://t.co/zC4WVfbrVG
Twitter
ESET España
Information leak vulnerability in Palo Alto Networks https://t.co/7H5kwh25C4
CERTSI
Information leak in Palo Alto Networks
A vulnerability in Palo Alto's PAN-OS could allow an unauthenticated remote attacker to access sensitive information on the system.
Remote code execution vulnerability in Hewlett Packard Enterprise Operations Orchestration https://t.co/IeMTXt8ONQ
Versions prior to 10.80
#HP
CERTSI
Remote code execution vulnerability in Hewlett Packard Enterprise Operations Orchestration
A vulnerability has been published whose exploitation would allow remote execution of untrusted code on vulnerable Hewlett Packard Enterprise Operations Orchestration installations.
#Microsoft won't patch #Edge browser content security bypass
Tells Cisco's Talos it's a feature, not a bug. #Apple and #Google disagree and fixed it
Which of Google, Apple and Microsoft think a content security bypass doesn't warrant a browser patch?…
http://go.theregister.com/feed/www.theregister.co.uk/2017/09/07/talos_says_msft_edge_content_security_bypass_is_a_feature_wont_be_patched/
www.theregister.co.uk
Microsoft won't patch Edge browser content security bypass
Tells Cisco's Talos it's a feature, not a bug. Apple and Google disagree and fixed it
#Google launches a new certification program for programmers
https://developers.googleblog.com/2017/09/introducing-mobile-web-specialist.html?m=1
Google Developers Blog
Introducing the Mobile Web Specialist Certification by Google Developers
News and insights on Google platforms, tools, and events.
Find a security policy template for your organization in the SANS Security Policy Resources: https://t.co/jckuVhsNac
www.sans.org
SANS - Information Security Resources | Information Security Policy Templates
Free information security policy templates courtesy of the SANS Institute, Michele D. Guel, and other information security leaders.
#Pharming and #spim: the first cousins of #phishing and #spam. Want information about these types of attacks?
https://t.co/AA7OxLcYmL
www.osi.es
Pharming and spim: the first cousins of phishing and spam
PHARMING What is pharming? Pharming is a cyberattack that consists of redirecting the web traffic of a legitimate page to a fake page. How does pharming work? With this technique, the attacker ensures that, when we open our browser…
#Bug in #Windows #Kernel Could Prevent Security Software From Identifying #Malware
https://t.co/7IpgIoK6MA
BleepingComputer
Bug in Windows Kernel Could Prevent Security Software From Identifying Malware
Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime.
CVE-2017-0780: Denial-of-Service #Vulnerability can #Crash #Android Messages App https://t.co/UVmhfiFihe #TrendMicro
TrendLabs Security Intelligence Blog
CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App - TrendLabs Security Intelligence Blog
CVE-2017-0780, a denial-of-service vulnerability we recently disclosed to Google, can let attackers remotely crash their victims’ Android Messages app.
Heap Exploitation
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
GitBook
Heap Exploitation · GitBook
heap-exploitation: This book on heap exploitation is a guide to understanding the internals of glibc's heap. It also describes, in detail, various attacks possible on the heap structure.
Locky is back. This time via spam, stealing more than 23 million emails in just 24 hours. https://t.co/YGykOS6Ayr #locky #spam
Bankinfosecurity
Locky Returns via Spam and Dropbox-Themed Phishing Attacks
A massive Locky ransomware campaign has been infecting devices via malware-laced spam messages as well as through fake Dropbox phishing pages. More than 23 million
#DDoS attacks are no longer a problem only for large companies. They have also become a threat to #SMEs https://t.co/qk5fOvJjXZ #DDoS
Dark Reading
7 Things to Know About Today's DDoS Attacks
DDoS attacks are no longer something that just big companies in a few industries need to worry about. They have become a threat to every business.