Multiple vulnerabilities in F5 products
Publication date: 02/07/2019
Importance: 4 - High
Affected resources:
BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator), versions:
14.0.0 - 14.1.0.5;
13.0.0 - 13.1.1.4;
12.1.0 - 12.1.4;
11.5.1 - 11.6.4.
F5 SSL Orchestrator, versions:
14.0.0;
14.1.0.
Description:
F5 has published multiple vulnerabilities of the following types: XSS, DoS, command injection and undisclosed traffic flow.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-f5-3
#Android July 2019 #Security Update Patches 33 New Vulnerabilities
Google has started rolling out this month's security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity.
https://thehackernews.com/2019/07/android-security-update.html
Multiple vulnerabilities in Dell EMC iDRAC
Publication date: 02/07/2019
Importance: 4 - High
Affected resources:
Dell EMC iDRAC6, versions prior to 2.92;
Dell EMC iDRAC7/iDRAC8, versions prior to 2.61.60.60;
Dell EMC iDRAC9, versions prior to:
3.20.21.20;
3.21.24.22;
3.21.25.22;
3.21.26.22;
3.22.22.22;
3.23.23.23;
3.24.24.24;
3.30.30.30.
Description:
Dell EMC has identified three high-severity vulnerabilities in multiple products of the iDRAC family. A remote attacker could execute arbitrary code, bypass authentication or lock up the system.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-idrac-dell-emc
#Debian Security Advisory
DSA-4475-1 #openssl -- security update
https://www.debian.org/security/2019/dsa-4475
#Debian Security Advisory
DSA-4473-1 #rdesktop -- security update
Additional information:
Multiple security issues were found in the rdesktop RDP client that could result in denial of service and arbitrary code execution.
https://www.debian.org/security/2019/dsa-4473
Forwarded from Una al día
OceanLotus APT uses the Ratsnif RAT in its attacks.
https://unaaldia.hispasec.com/2019/07/oceanlotus-apt-usa-el-rat-ratsnif-en-sus-ataques.html
The remote access trojan called Ratsnif, used in cyber-espionage campaigns, now has new capabilities: it can modify web pages and perform SSL hijacking. OceanLotus is a hacking group…
#LooCipher: The New Infernal #Ransomware
A new ransomware has appeared in the threat landscape and begun to threaten the digital world, this time using a nice but scary name: LooCipher.
https://securityaffairs.co/wordpress/87857/malware/loocipher-ransomware.html
#VMware Releases Security Advisory for Multiple Products
VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit these vulnerabilities to cause a denial-of-service condition.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisory VMSA-2019-0009 and apply mitigations or patches, when available.
https://www.us-cert.gov/ncas/current-activity/2019/07/02/vmware-releases-security-advisory-multiple-products
RATs and stealers rush through “Heaven’s Gate” with new loader
#Talos
https://blog.talosintelligence.com/2019/07/rats-and-stealers-rush-through-heavens.html
By Holger Unterbrink and Edmund Brumaghin.
Executive summary
Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release…
Old known issue in #Firefox allows HTML files to steal other files from victim’s system
Opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a weakness in the popular web browser.
https://securityaffairs.co/wordpress/87928/hacking/firefox-flaw-data-theft.html
#Microsoft Defender #ATP alert categories are now aligned with #MITRE ATT&CK!
Microsoft Defender ATP alerts include an alert category, which loosely identifies the kill chain stage associated with the alerted activity.
https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-alert-categories-are-now-aligned-with/ba-p/732748
#Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/03/cisco-releases-security-updates-multiple-products
Godlua backdoor, the first #malware that abuses the #DNS over HTTPS (DoH)
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems.
https://securityaffairs.co/wordpress/87976/malware/godlua-backdoor-abuses-doh.html
#Sodinokibi #Ransomware Exploits Windows Bug to Elevate Privileges
The Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions.
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-exploits-windows-bug-to-elevate-privileges/
ACSC Releases Updated Essential Eight Maturity Model
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy.
https://www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model
#Microsoft #Outlook Security Feature Bypass (CVE-2017-11774)
Vulnerability Description
A security feature bypass vulnerability exists in Microsoft Outlook. The vulnerability is due to improper handling of objects in memory. A remote attacker may exploit this vulnerability by enticing a target user to load a specially crafted HTML file.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0832.html
All-in-one #Mobile Security Frameworks including #Android and iOS Application Penetration Testing.
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & SSL pinning
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
Ubuntu updates for TCP SACK Panic vulnerabilities
Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial of service attack, so it is crucial to have systems patched.
https://admin.insights.ubuntu.com/2019/07/05/mitigations-for-tcp-sack-panic-vulnerabilities
Patch systems against the SACK Panic vulnerabilities that could expose servers to a denial of service attack with Canonical's Kernel Livepatch.