SysAdmin 24x7
@sysadmin24x7
4.34K subscribers
41 photos
2 videos
8 files
6.02K links
Noticias y alertas de seguridad informática.
Chat y contacto:
t.me/sysadmin24x7chat
Download Telegram
About
Blog
Apps
Platform
Join
SysAdmin 24x7
4.34K subscribers
SysAdmin 24x7
#Exim 4.9.1 #RCE Remote Command Execution

Qualys discovered a remote command execution vulnerability in Exim versions 4.87 to 4.91.

https://packetstormsecurity.com/files/153218/QSA-CVE-2019-10149.txt
Packetstormsecurity
Exim 4.9.1 Remote Command Execution ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
604 views
SysAdmin 24x7
Los canales públicos de Telegram vía web desde el 1 de junio, sin necesidad de aplicación:

https://t.me/s/sysadmin24x7
609 views
SysAdmin 24x7
Forwarded from Una al día
Nueva Botnet ataca mediante fuerza bruta servidores RDP

https://unaaldia.hispasec.com/2019/06/nueva-botnet-ataca-mediante-fuerza-bruta-servidores-rdp.html
Una al Día
Nueva Botnet ataca mediante fuerza bruta servidores RDP — Una al Día
Investigadores de seguridad han descubierto una botnet que está llevando a cabo una campaña de fuerza bruta contra mas de un millón y medio de servidores RDP públicamente accesibles desde Internet.…
13 views
SysAdmin 24x7
#Adobe Issues Critical Patches for ColdFusion, #FlashPlayer, Campaign Software

Adobe has just released the latest June 2019 software updates to address a total 11 security vulnerabilities in its three widely-used products Adobe ColdFusion, Flash Player, and Adobe Campaign.

https://thehackernews.com/2019/06/adobe-patch-june.html
550 views
SysAdmin 24x7
#Microsoft June 2019 Patch Tuesday fixes many of #SandboxEscaper zero-days

Microsoft patches four of five zero-days published by SandboxEscaper.

https://www.zdnet.com/article/microsofts-june-2019-patch-tuesday-fixes-many-of-sandboxescapers-zero-days/
ZDNet
Microsoft's June 2019 Patch Tuesday fixes many of SandboxEscaper's zero-days
Microsoft patches four of five zero-days published by SandboxEscaper.
533 views
SysAdmin 24x7
Bad Cert Vulnerability Can Bring Down Any #WindowsServer

A Google security expert today revealed that an unpatched issue in the main cryptographic library of Microsoft's operating system can cause a denial-of-service ( #DoS ) condition in Windows 8 servers and above.

https://www.bleepingcomputer.com/news/security/bad-cert-vulnerability-can-bring-down-any-windows-server/
BleepingComputer
Bad Cert Vulnerability Can Bring Down Any Windows Server
A Google security expert today revealed that an unpatched issue in the main cryptographic library in Microsoft's operating system can cause a denial-of-service (DoS) condition on Windows 8 servers and above.
485 views
SysAdmin 24x7
#Microsoft #NTLM Flaws Expose All Windows Machines to RCE Attacks

Two critical vulnerabilities in Microsoft's NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version.

https://www.bleepingcomputer.com/news/security/microsoft-ntlm-flaws-expose-all-windows-machines-to-rce-attacks/
BleepingComputer
Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks
Two critical vulnerabilities in Microsoft's NTLM authentication protocol consisting of three logical flaws make it possible for attackers to run remote code and authenticate on machines running any Windows version.
493 views
SysAdmin 24x7
We’re currently experiencing a powerful DDoS attack, #Telegram users in the Americas and some users from other countries may experience connection issues.

https://twitter.com/telegram/status/1138768124914929664
Twitter
Telegram Messenger
We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues.
668 views
SysAdmin 24x7
Múltiples vulnerabilidades en productos #Intel

Fecha de publicación: 12/06/2019
Importancia: 4 - Alta

Recursos afectados: 
Intel® Accelerated Storage Manager en Intel® RSTe, versiones anteriores a 5.5.0.2015
Intel® RAID Web Console 3 para Windows, versión 4.186 y anteriores
Intel® NUC Kit, consultar el apartado referencias para ver las versiones afectadas
Intel® Compute Card, consultar el apartado referencias para ver las versiones afectadas
Intel® Compute Stick, consultar el apartado referencias para ver las versiones afectadas
Open CIT y OpenAttestation, todas las versiones
Intel® Omni-Path Fabric Manager GUI, versiones anteriores a 10.9.2.1.1
Intel® PROSet/Wireless WiFi Software, versiones anteriores a 21.10 para Microsoft Windows 7, 8.1 y 10
Intel® Turbo Boost Max Technology 3.0 driver, versión 1.0.0.1035 y anteriores
Intel® SGX Linux client driver, versiones anteriores a 2.5
Intel® SGX DCAP Linux driver, versiones anteriores a 1.1
ITE Tech* Consumer Infrared Driver para Windows 10, versiones anteriores a 5.4.3.0
Intel® Chipset Device Software (INF Update Utility), versiones anteriores a 10.1.1.45

Descripción: 
Intel ha publicado múltiples vulnerabilidades que afectan a varios de sus productos.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-intel-10
INCIBE-CERT
Múltiples vulnerabilidades en productos Intel
Intel ha publicado múltiples vulnerabilidades que afectan a varios de sus productos.
475 views
SysAdmin 24x7
Boletín de seguridad de #Microsoft de junio de 2019

Fecha de publicación: 12/06/2019
Importancia: 5 - Crítica

Recursos afectados: 
Adobe Flash Player
Microsoft Windows
Internet Explorer
Microsoft Edge
Microsoft Office y Microsoft Office Services y Web Apps
ChakraCore
Skype para Business y Microsoft Lync
Microsoft Exchange Server
Azure

Descripción: 
La publicación de actualizaciones de seguridad de Microsoft de este mes consta de 87 vulnerabilidades, 21 clasificadas como críticas y 66 como importantes.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/boletin-seguridad-microsoft-junio-2019
INCIBE-CERT
Boletín de seguridad de Microsoft de junio de 2019
La publicación de actualizaciones de seguridad de Microsoft de este mes consta de 87 vulnerabilidades, 21 clasificadas como críticas y 66 como importantes.
437 views
SysAdmin 24x7
Actualización de seguridad de #SAP de junio de 2019

Fecha de publicación: 12/06/2019
Importancia: 5 - Crítica

Recursos afectados: 
SAP Business Client, versión 6.5
Solution Manager, versión 7.2
SAP E-Commerce (Business-to-Consumer application), versiones: SAP-CRMJAV, SAP-CRMWEB, SAP-SHRWEB, SAP-SHRJAV, SAP-CRMAPP, SAP-SHRAPP 7.30, 7.31, 7.32, 7.33, 7.54
SAP R/3 Enterprise Application, versiones: EA-APPL  600, 602, 603, 604, 605, 606, 616, 617
SAP BusinessObjects Business Intelligence Platform (Administration Console), versiones 4.2, 4.3
SAP NetWeaver Process Integration (PI Integration Builder Web UI), versiones: SAP_XIESR: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; SAP_XITOOL: 7.10 hasta 7.11, 7.30, 7.31, 7.40, 7.50, SAP_XIPCK 7.10 hasta 7.11, 7.20, 7.3
SAP Work Manager and SAP Inventory Manager, versiones SAP Work Manager 6.3.0, 6.4.0, 6.5 
SAP NetWeaver AS ABAP Platform, versiones KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73
SAP NetWeaver Process Integration, versiones SAP_XIESR: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; SAP_XITOOL: 7.10 hasta 7.11, 7.20, 7.30, 7.31, 7.40, 7.50
SAP HANA Extended Application Services (advanced model), versión 1
SAP Enterprise Financial Services, versiones SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20

Descripción: 
SAP ha publicado varias actualizaciones de seguridad de diferentes productos en su comunicado mensual.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-sap-junio-2019
INCIBE-CERT
Actualización de seguridad de SAP de junio de 2019
SAP ha publicado varias actualizaciones de seguridad de diferentes productos en su comunicado mensual.
449 views
SysAdmin 24x7
Actualización de seguridad de #Joomla!

Fecha de publicación: 12/06/2019
Importancia: Baja

Recursos afectados
Joomla! CMS, versiones desde 3.6.0 hasta 3.9.6.

Descripción
Joomla! ha publicado dos nuevas versiones, la 3.9.8 y la 3.9.7, incluyendo en esta última la solución de tres vulnerabilidades de criticidad baja en su núcleo.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/actualizacion-seguridad-joomla
INCIBE-CERT
Actualización de seguridad de Joomla!
Joomla! ha publicado dos nuevas versiones, la 3.9.8 y la 3.9.7, incluyendo en esta última la solución de tres vulnerabilidades de criticidad baja en su núcleo.
493 viewsedited  
SysAdmin 24x7
Coding a reliable CVE-2019-084 bypass

https://0x00-0x00.github.io/research/2019/05/30/Coding-a-reliable-CVE-2019-0841-Bypass.html
zc00l blog
Coding a reliable CVE-2019-084 bypass
Hi all. It’s been some time. I apologize for my absence, but I need to carry on with life and work and, sometimes, there’s no time for this blog.
479 views
SysAdmin 24x7
Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication

https://blog.preempt.com/your-session-key-is-my-session-key
504 views
SysAdmin 24x7
#Sysmon 10.0 - New features and changes

Mark Russinovich released a new version of Sysmon, raising it to 10.0, and this is a great upgrade!


https://medium.com/@olafhartong/sysmon-10-0-new-features-and-changes-e82106f2e00
Medium
Sysmon 10.0 - New features and changes
Last night (June 11th 2019) Mark Russinovich released a new version of Sysmon, raising it to 10.0, and this is a great upgrade!
565 viewsedited  
SysAdmin 24x7
#Cisco Releases Security Update for Cisco IOS XE

Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.

https://www.us-cert.gov/ncas/current-activity/2019/06/12/Cisco-Releases-Security-Update-Cisco-IOS-XE
www.us-cert.gov
Cisco Releases Security Update for Cisco IOS XE | US-CERT
Cisco has released a security update to address a vulnerability in Cisco IOS XE. A remote attacker could exploit this vulnerability to take control of an affected system.
507 views
SysAdmin 24x7
#Exim Mail Server Remote Code Execution (CVE-2019-10149)

Severity:Critical

Who is Vulnerable?
Exim Mail Server versions 4.87 to 4.91 (inclusive)

Vulnerability Description:
A remote code execution vulnerability exists in Exim Mail Server. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation could result in execution of arbitrary code on the affected system.

https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0743.html
Check Point Software
CPAI-2019-0743 | Check Point Software
Exim Mail Server Remote Code Execution (CVE-2019-10149) - CPAI-2019-0743
499 views
SysAdmin 24x7
#Apple ha lanzado una actualización de seguridad para sus #Airport Base Stations

https://www.seguridadapple.com/2019/06/apple-ha-lanzado-una-actualizacion-de.html
Seguridadapple
Apple ha lanzado una actualización de seguridad para sus Airport Base Stations
Apple ha lanzado una serie de actualizaciones relativas a varios problemas de seguridad en el firmware de sus AirPort Base Stations. Lanzad...
477 views
SysAdmin 24x7
Cross-Site Request Forgery en Cisco IOS XE Software Web

Fecha de publicación: 13/06/2019
Importancia: 4 - Alta

Recursos afectados: 
Productos Cisco IOS XE Software con la característica HTTP Server habilitada.

Descripción: 
Cisco ha publicado una vulnerabilidad que afecta a la interfaz web de usuario por la que un atacante remoto no autenticado podría realizar un ataque Cross-Site Request Forgery (CSRF).

Solución: 
Cisco no ha publicado ninguna solución al respecto. Como medida de mitigación recomienda desactivar la característica HTTP Server mediante los comandos "no ip http server" o "no ip http secure-server".

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/cross-site-request-forgery-cisco-ios-xe-software-web
INCIBE-CERT
Cross-Site Request Forgery en Cisco IOS XE Software Web
Cisco ha publicado una vulnerabilidad que afecta a la interfaz web de usuario por la que un atacante remoto no autenticado podría realizar un ataque Cross-Site Request Forgery (CSRF).
480 views
SysAdmin 24x7
Flaw in #Evernote Web Clipper for #Chrome extension allows stealing data

Security experts discovered a vulnerability in the popular Evernote Web Clipper for Chrome can be exploited to steal sensitive data from sites visited by users.

https://securityaffairs.co/wordpress/87033/hacking/evernote-web-clipper-chrome-flaw.html
Security Affairs
Flaw in Evernote Web Clipper for Chrome extension allows stealing data
Security experts discovered a vulnerability in the popular Evernote extension for Chrome can be exploited to steal sensitive data from sites visited by users.
501 views
SysAdmin 24x7
#FIN8 Hacker Group using Highly Sophisticated ShellTea #Malware to Attack Hospitality Sector

FIN8 hacker group is back with a new highly sophisticated variant of the ShellTea malware and carried out attacks against hotel and entertainment industry. This would be the first attack by FIN8 hacker group in 2019, and it is believed that malware was deployed as a result of a phishing attack.

https://gbhackers.com/fin8-hacker-group-malware
GBHackers On Security
FIN8 Hacker Group using Highly Sophisticated ShellTea Malware
FIN8 hacker group is back with a new highly sophisticated variant of the ShellTea malware and carried out attacks against hotel and entertainment industry.
543 views