Researcher Describes Docker Vulnerability
No Patch Available Yet, But Exploiting the Flaw Would Be 'Challenging'
https://www.bankinfosecurity.com/researcher-describes-docker-vulnerability-a-12535
Bankinfosecurity
A security researcher has found a significant flaw in all versions of Docker, an open source container platform, that can give attackers read and write access to all
How to use AWS Secrets Manager client-side caching in .NET
https://aws.amazon.com/es/blogs/security/how-to-use-aws-secrets-manager-client-side-caching-in-dotnet/
Amazon Web Services
AWS Secrets Manager now has a client-side caching library for .NET that makes it easier to access secrets from .NET applications. This is in addition to client-side caching libraries for Java, JDBC, Python, and Go. These libraries help you improve availability…
#DFIR: No. Kali is not a distribution oriented toward digital forensic analysis
https://unminioncurioso.blogspot.com/2019/01/dfir-no-kali-no-es-una-distribucion.html
Blogspot
Blog about Computer Forensic Analysis - DFIR
Attack and Defense Around #PowerShell Event Logging
https://nsfocusglobal.com/Attack-and-Defense-Around-PowerShell-Event-Logging
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
0x00 Overview PowerShell has been a focus of concern for network defense. The fileless PowerShell, featuring LotL and excellent ease of use, is widely used in various attack scenarios. In order to capture PowerShell-based attacks, an increasing number of…
Multiple vulnerabilities in Netgear products
Publication date: 31/05/2019
Importance: 4 - High
Description:
Netgear has published 13 security advisories affecting its products, one of them of high severity.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-netgear-6
INCIBE-CERT
Microsoft warns users to patch as exploits for ‘wormable’ BlueKeep bug appear
https://techcrunch.com/2019/05/31/microsoft-bluekeep-worm-exploits/
TechCrunch
Microsoft has issued its second advisory this month urging users to update their systems to prevent a re-run of attacks similar to WannaCry. The software giant said Thursday that the recently discovered “wormable” vulnerability in Remote Desktop Services…
Apple Releases Security Updates for AirPort Extreme, AirPort Time Capsule
https://seclists.org/cert/2019/120
seclists.org
BlueKeep is coming... aka remote code execution in RDP
https://www.hackplayers.com/2019/05/ya-llega-bluekeep-rce-en-rdp.html
Hackplayers
Last Tuesday, May 14, Microsoft released a patch for the vulnerability CVE-2019-0708, also dubbed BlueKeep, a vulner...
The 3 applications for doing OSINT on an email address in Spain
https://blog.quantika14.com/blog/2019/05/28/las-3-aplicaciones-para-hacer-osint-a-un-correo-electronico-en-espana/
Blog QuantiKa14
We have previously covered what can be learned from an email address alone in three articles on this blog: ¿Qué puedo hacer y saber de ti con tu email?: La técnica de los 3 año…
How to Set Up an #SSH Server with #Tor to Hide It from #Shodan & Hackers
The next libSSH or OpenSSH exploit may be just around the corner. Keep your SSH service out of Shodan's database before hackers find new ways to bypass the password protecting the server.
Shodan has been called the “hacker’s search engine” because it’s literally a searchable database of internet-connected devices and servers. It allows anyone to search for webcams, routers, servers, Raspberry Pis, traffic lights, point of sale systems, industrial control systems, and much more.
https://medium.com/@NullByteWht/how-to-set-up-an-ssh-server-with-tor-to-hide-it-from-shodan-hackers-eda93927a742
Medium
How #WhatsApp was Hacked by Exploiting a Buffer Overflow Security Flaw
https://blog.adversary.io/whatsapp-hack/
blog.adversary.io
How Hackers Exploited a Buffer Overflow Security Flaw to Hack WhatsApp
Multiple vulnerabilities in HPE Smart Update Manager
Publication date: 03/06/2019
Importance: 5 - Critical
Affected resources:
HPE Smart Update Manager (SUM) versions prior to 8.4
Description:
HPE has published two vulnerabilities, of the types unauthorized local privilege escalation and unauthorized remote access, in its product HPE Smart Update Manager (SUM).
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-hpe-smart-update-manager
INCIBE-CERT
Multiple vulnerabilities in IBM Intelligent Operations Center
Publication date: 03/06/2019
Importance: 4 - High
Affected resources:
IBM® Intelligent Operations Center, versions 5.1.0 through 5.2.0
IBM® Intelligent Operations Center for Emergency Management, versions 5.1.0 through 5.1.0.6
IBM® Water Operations for Waternamics, versions 5.1.0 through 5.2.1.1
Description:
Two vulnerabilities have been published, of the types denial of service and improper file validation, in Intelligent Operations Center (IOC).
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-intelligent-operations-center-ibm
INCIBE-CERT
Authentication bypass in IBM PureApplication System
Publication date: 04/06/2019
Importance: 4 - High
Affected resources:
IBM PureApplication System versions:
2.2.3.0
2.2.3.1
2.2.3.2
2.2.4.0
2.2.5.0
2.2.5.1
2.2.5.2
2.2.5.3
Description:
IBM has published a vulnerability that affects its product PureApplication System and could allow an attacker to obtain administrator access.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/evasion-autenticacion-ibm-pureapplication-system
INCIBE-CERT
Multiple vulnerabilities in Dell EMC OpenManage System Administrator (OMSA)
Publication date: 04/06/2019
Importance: 5 - Critical
Affected resources:
Dell EMC OpenManage System Administrator (OMSA):
versions prior to 9.1.0.3
versions prior to 9.2.0.4
Description:
Dell has published two vulnerabilities: one of critical severity, of the web parameter tampering type; and another of high severity, consisting of an XXE (XML External Entity) injection.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-dell-emc-openmanage-system-administrator
INCIBE-CERT
UCAM CTF Forensics — Like old school
https://www.securityartwork.es/2019/05/31/ucam-ctf-forense-like-old-school/
UCAM CTF Forensics — Like old school II
https://www.securityartwork.es/2019/06/04/ucam-ctf-forense-like-old-school-ii/
Even the NSA is urging #Windows users to patch #BlueKeep (CVE-2019-0708)
NSA issues ominous security advisory after Microsoft published two similar warnings last month.
https://www.zdnet.com/article/even-the-nsa-is-urging-windows-users-to-patch-bluekeep-cve-2019-0708/
ZDNet
#Microsoft #Windows #RDP Network Level Authentication can bypass the Windows lock screen
Vulnerability Note VU#576688
https://kb.cert.org/vuls/id/576688/
kb.cert.org
Microsoft Windows RDP can bypass the Windows lock screen
#MetaSploit Module Created for #BlueKeep Flaw, Private for Now
A researcher has created a module for the Metasploit penetration testing framework that exploits the critical BlueKeep vulnerability on vulnerable Windows XP, 7, and Server 2008 machines to achieve remote code execution.
https://www.bleepingcomputer.com/news/security/metasploit-module-created-for-bluekeep-flaw-private-for-now/
BleepingComputer
#Google Releases Security Update for #Chrome
Google has released Chrome version 75.0.3770.80 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/06/04/Google-Releases-Security-Update-Chrome
www.us-cert.gov
Google has released Chrome version 75.0.3770.80 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. The Cybersecurity and Infrastructure Security Agency (CISA) encourages…