Old known issue in #Firefox allows HTML files to steal other files from victim’s system
Opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a weakness in the popular web browser.
https://securityaffairs.co/wordpress/87928/hacking/firefox-flaw-data-theft.html
Opening an HTML file on Firefox could allow attackers to steal files stored on a victim’s computer due to a weakness in the popular web browser.
https://securityaffairs.co/wordpress/87928/hacking/firefox-flaw-data-theft.html
Security Affairs
Old known issue in Firefox allows HTML files to steal other files from victim's system
Opening an HTML file on Firefox could allow attackers to steal files stored on a victim's computer due to a weakness in the popular web browser.
#Microsoft Defender #ATP alert categories are now aligned with #MITRE ATT&CK!
Microsoft Defender ATP alerts include analert category, which loosely identifies the kill chain stage associated with the alerted activity
https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-alert-categories-are-now-aligned-with/ba-p/732748
Microsoft Defender ATP alerts include analert category, which loosely identifies the kill chain stage associated with the alerted activity
https://techcommunity.microsoft.com/t5/Microsoft-Defender-ATP/Microsoft-Defender-ATP-alert-categories-are-now-aligned-with/ba-p/732748
TECHCOMMUNITY.MICROSOFT.COM
Microsoft Defender ATP alert categories are now aligned with MITRE ATT&CK!
Microsoft Defender ATP alert categories are now aligned with MITRE ATT&CK!
Windows Defender ATP alert categories are now aligned with the MITRE..
#Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/03/cisco-releases-security-updates-multiple-products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/03/cisco-releases-security-updates-multiple-products
www.us-cert.gov
Cisco Releases Security Updates for Multiple Products | CISA
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages…
The Cybersecurity and Infrastructure Security Agency (CISA) encourages…
Godlua backdoor, the first #malware that abuses the #DNS over HTTPS (DoH)
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems.
https://securityaffairs.co/wordpress/87976/malware/godlua-backdoor-abuses-doh.html
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems.
https://securityaffairs.co/wordpress/87976/malware/godlua-backdoor-abuses-doh.html
Security Affairs
Godlua backdoor, the first bot that abuses the DNS over HTTPS (DoH)
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems.
#Sodinokibi #Ransomware Exploits Windows Bug to Elevate Privileges
The Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions.
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-exploits-windows-bug-to-elevate-privileges/
The Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions.
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-exploits-windows-bug-to-elevate-privileges/
BleepingComputer
Sodinokibi Ransomware Exploits Windows Bug to Elevate Privileges
Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions.
ACSC Releases Updated Essential Eight Maturity Model
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy.
https://www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy.
https://www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model
www.us-cert.gov
ACSC Releases Updated Essential Eight Maturity Model | CISA
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies…
#Microsoft #Outlook Security Feature Bypass (CVE-2017-11774)
Vulnerability Description
A security feature bypass vulnerability exists in Microsoft Outlook. The vulnerability is due to improper handling of objects in memory. A remote attacker may exploit this vulnerability by enticing a target user to load a specially crafted HTML file.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0832.html
Vulnerability Description
A security feature bypass vulnerability exists in Microsoft Outlook. The vulnerability is due to improper handling of objects in memory. A remote attacker may exploit this vulnerability by enticing a target user to load a specially crafted HTML file.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0832.html
Check Point Software
CPAI-2019-0832 | Check Point Software
Microsoft Outlook Security Feature Bypass (CVE-2017-11774) - CPAI-2019-0832
All-in-one #Mobile Security Frameworks including #Android and iOS Application Penetration Testing.
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & ssl pining
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & ssl pining
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
Hackers Online Club
Mobile Security Penetration Testing List 2026
Mobile Security Penetration Testing List for All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.
Ubuntu updates for TCP SACK Panic vulnerabilities
Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial of service attack, so it is crucial to have systems patched.
https://admin.insights.ubuntu.com/2019/07/05/mitigations-for-tcp-sack-panic-vulnerabilities
Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial of service attack, so it is crucial to have systems patched.
https://admin.insights.ubuntu.com/2019/07/05/mitigations-for-tcp-sack-panic-vulnerabilities
Ubuntu Blog
Ubuntu updates for TCP SACK Panic vulnerabilities
Patch systems against the SACK Panic vulnerabilities that could expose servers to a denial of service attack with Canonical's Kernel Livepatch.
Vulnerabilidad en UIoT de HPE
Fecha de publicación: 08/07/2019
Importancia: 4 - Alta
Recursos afectados:
HPE Universal Internet of Things (UIoT), versiones:
1.6;
1.5;
1.4.2;
1.4.1;
1.4.0;
1.2.4.2.
Descripción:
HPE ha detectado una vulnerabilidad de criticidad alta en múltiples versiones de UIoT.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-uiot-hpe
Fecha de publicación: 08/07/2019
Importancia: 4 - Alta
Recursos afectados:
HPE Universal Internet of Things (UIoT), versiones:
1.6;
1.5;
1.4.2;
1.4.1;
1.4.0;
1.2.4.2.
Descripción:
HPE ha detectado una vulnerabilidad de criticidad alta en múltiples versiones de UIoT.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-uiot-hpe
INCIBE-CERT
Vulnerabilidad en UIoT de HPE
HPE ha detectado una vulnerabilidad de criticidad alta en múltiples versiones de UIoT.
Vulnerabilidad en 3PAR Service Processor de HPE
Fecha de publicación:09/07/2019
Importancia: Crítica
Recursos afectados:
HPE 3PAR Service Processor (SP), versiones desde la 4.1 hasta la 4.4.
Descripción:
HPE ha detectado una vulnerabilidad de severidad crítica en múltiples versiones de 3PAR Service Processor que podría permitir la interrupción de la confidencialidad, integridad y disponibilidad.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-3par-service-processor-hpe
Fecha de publicación:09/07/2019
Importancia: Crítica
Recursos afectados:
HPE 3PAR Service Processor (SP), versiones desde la 4.1 hasta la 4.4.
Descripción:
HPE ha detectado una vulnerabilidad de severidad crítica en múltiples versiones de 3PAR Service Processor que podría permitir la interrupción de la confidencialidad, integridad y disponibilidad.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-3par-service-processor-hpe
INCIBE-CERT
Vulnerabilidad en 3PAR Service Processor de HPE
HPE ha detectado una vulnerabilidad de severidad crítica en múltiples versiones de 3PAR Service Processor que podría permitir la interrupción de la confidencialidad, integridad y disponibilidad.
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business.
https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business.
https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
Medium
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
Vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially…
Este nuevo ataque #phishing permite bypassear 2FA
https://www.seguridadapple.com/2019/07/este-nuevo-ataque-phishing-permite.html
https://www.seguridadapple.com/2019/07/este-nuevo-ataque-phishing-permite.html
Seguridadapple
Este nuevo ataque phishing permite bypassear 2FA
Desde hace unos años los dobles factores de autenticación nos han ayudado a proteger nuestra identidad digital de una forma rápida y sencil...
Security Updates Released for #Adobe Bridge, Dreamweaver, and AEM
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for vulnerabilities in Adobe Bridge CC, Adobe Experience Manager, and Adobe Dreamweaver.
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-bridge-dreamweaver-and-aem/
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for vulnerabilities in Adobe Bridge CC, Adobe Experience Manager, and Adobe Dreamweaver.
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-bridge-dreamweaver-and-aem/
BleepingComputer
Security Updates Released for Adobe Bridge, Dreamweaver, and AEM
Adobe has published their monthly Patch Tuesday updates for the month of May 2019. These updates includes fixes for vulnerabilities in Adobe Bridge CC, Adobe Experience Manager, and Adobe Dreamweaver.
Over 1,300 #Android Apps Caught Collecting Data Even If You Deny Permissions
Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices.
https://thehackernews.com/2019/07/android-permission-bypass.html
Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible information from your devices.
https://thehackernews.com/2019/07/android-permission-bypass.html
#Microsoft Discovers #Fileless Astaroth #Trojan Campaign
A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers.
https://www.bleepingcomputer.com/news/security/microsoft-discovers-fileless-astaroth-trojan-campaign/
A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers.
https://www.bleepingcomputer.com/news/security/microsoft-discovers-fileless-astaroth-trojan-campaign/
BleepingComputer
Microsoft Discovers Fileless Astaroth Trojan Campaign
A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers.
Unpatched Prototype Pollution Flaw Affects All Versions of Popular #Lodash Library
Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base.
https://thehackernews.com/2019/07/lodash-prototype-pollution.html
Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base.
https://thehackernews.com/2019/07/lodash-prototype-pollution.html
Four Ways The Bad Guys Attack #Mobile Devices
Network based attacks
Device exploits
Phishing attacks
Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
Network based attacks
Device exploits
Phishing attacks
Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
Zimperium
It’s Not Your Father’s Endpoint - Four Ways The Bad Guys Attack Mobile Devices - Zimperium
In our second blog, I discussed why a mobile device needs to be protected. Exactly what are we talking about here? What are the ways an attacker can hack
Changes to Ticket-Granting Ticket (TGT) Delegation Across Trusts in #Windows Server (PFE edition)
https://techcommunity.microsoft.com/t5/Premier-Field-Engineering/Changes-to-Ticket-Granting-Ticket-TGT-Delegation-Across-Trusts/ba-p/440283
https://techcommunity.microsoft.com/t5/Premier-Field-Engineering/Changes-to-Ticket-Granting-Ticket-TGT-Delegation-Across-Trusts/ba-p/440283
TECHCOMMUNITY.MICROSOFT.COM
Core Infrastructure and Security Blog