ENISA's technical training material for CSIRT
#DFIR
https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/technical-operational
Multiple Vulnerabilities in Android’s Download Provider (CVE-2018-9468, CVE-2018-9493, CVE-2018-9546)
Android’s Download Provider is a component of the Android framework and is designed to handle external downloads for other applications, such as web browsers (including Google Chrome), email clients (including Gmail), and the Google Play Store, among many others.
https://ioactive.com/multiple-vulnerabilities-in-androids-download-provider-cve-2018-9468-cve-2018-9493-cve-2018-9546/
Shiina lets you hide an executable inside an image and later convert it back into an executable; interesting for use in a downloader to hide the payload from security solutions.
https://github.com/Fmk0/scripts
Via @dragonjar
Thousands of D-Link routers hacked to compromise their DNS
https://hipertextual.com/2019/04/routers-dns-dlink
Thousands of D-Link and other brands' routers have been hacked in recent months to compromise their DNS settings and steal user data.
Part 1: A Journey into the UEFI Land: https://erfur.github.io/down_the_rabbit_hole_pt1/
Part 2: Analyzing an EFI Application with Radare2: https://erfur.github.io/down_the_rabbit_hole_pt2/
Down the Rabbit Hole (Part 3): Patching the Whitelist: https://erfur.github.io/down_the_rabbit_hole_pt3/
PowerShellArsenal
A PowerShell Module Dedicated To Reverse Engineering
https://www.kitploit.com/2019/04/powershellarsenal-powershell-module.html
Privilege escalation in HPE Virtual Connect SE 16Gb Fibre Channel Module for Synergy
Publication date: 08/04/2019
Severity: 5 - Critical
Affected resources:
HPE Virtual Connect SE 16Gb Fibre Channel Module for Synergy with firmware 5.00.50
Description:
A vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for Synergy could allow unauthorized local or remote privilege escalation.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/elevacion-privilegios-modulo-fibre-channel-16-gb-hpe-virtual
Multiple vulnerabilities in IBM products
Publication date: 08/04/2019
Severity: 5 - Critical
Affected resources:
IBM QRadar SIEM 7.3.2 GA - 7.3.2 GA Interim Fix 1
IBM API Connect version 2018.1-2018.4.1.3
Description:
IBM has published two vulnerabilities in two of its products. Successful exploitation of either of them could allow an authentication bypass or a privilege escalation.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-ibm-5
MUS CTF DFIR – MOBILE (Level 1)
https://www.securityartwork.es/2019/04/08/mus-ctf-dfir-mobile-nivel-1/
This weekend the forecast for Madrid was foul weather, and I was still dragging around a bit of elegant malware that wouldn't quite clear up, so it was time for home and a blanket. And that same Friday afternoon I found out that the folks at Magnet had opened to the public…
An exploit that escapes the Safari sandbox with a single line of code
https://www.seguridadapple.com/2019/04/un-exploit-que-permite-escapar-del.html
A few days ago a researcher discovered an exploit that escapes the Safari sandbox using a single line of code, the ex...
Samba Releases Security Updates
The Samba Team has released security updates to address vulnerabilities in Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/04/08/Samba-Releases-Security-Updates
Red Hat Security Advisory
Synopsis: Important: python security update
Advisory ID: RHSA-2019:0710-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:0710
Issue date: 2019-04-08
CVE Names: CVE-2019-9636
Security researchers discover iOS version of Exodus Android spyware
Exodus iOS spyware used against Italian and Turkmenistan users.
https://www.zdnet.com/article/security-researchers-discover-ios-version-of-exodus-android-spyware/
Adobe Releases Security Patches for Flash, Acrobat Reader, Other Products
https://thehackernews.com/2019/04/adobe-security-updates.html
Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack
https://thehackernews.com/2019/04/microsoft-patch-updates.html
Cyber Attack Shuts Down Hoya Corp's Thailand Plant for Three Days
https://www.bleepingcomputer.com/news/security/cyber-attack-shuts-down-hoya-corps-thailand-plant-for-three-days/
Japanese optical products manufacturer HOYA Corporation was hit by a cyber attack at the end of February which led to a partial shutdown of its production lines from Thailand for three days.
Mailman: Multiple vulnerabilities (GLSA 201904-10)
Multiple vulnerabilities have been found in Mailman, the worst of which could result in the arbitrary execution of code.
https://security.gentoo.org/glsa/201904-10
Samba CVE-2019-3870 Local Insecure File Permissions Vulnerability
https://www.securityfocus.com/bid/107798/info
Verizon Patches Trio of Vulnerabilities in Home Router
https://www.darkreading.com/vulnerabilities---threats/verizon-patches-trio-of-vulnerabilities-in-home-router/d/d-id/1334385
One of the flaws gives attackers way to gain root access to devices, Tenable says.