#Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/03/cisco-releases-security-updates-multiple-products
Godlua backdoor, the first #malware that abuses the #DNS over HTTPS (DoH)
Researchers at Network Security Research Lab of Qihoo 360 discovered a Lua-based backdoor dubbed Godlua that targets both Linux and Windows systems.
https://securityaffairs.co/wordpress/87976/malware/godlua-backdoor-abuses-doh.html
#Sodinokibi #Ransomware Exploits Windows Bug to Elevate Privileges
The Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions.
https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-exploits-windows-bug-to-elevate-privileges/
ACSC Releases Updated Essential Eight Maturity Model
The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential Eight—ACSC’s list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy.
https://www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model
#Microsoft #Outlook Security Feature Bypass (CVE-2017-11774)
Vulnerability Description
A security feature bypass vulnerability exists in Microsoft Outlook. The vulnerability is due to improper handling of objects in memory. A remote attacker may exploit this vulnerability by enticing a target user to load a specially crafted HTML file.
https://www.checkpoint.com/defense/advisories/public/2019/cpai-2019-0832.html
All-in-one #Mobile Security Frameworks including #Android and iOS Application Penetration Testing.
-static analysis
-reverse engineering
-dynamic analysis
-network tools
-bypass root & SSL pinning
-server side testing
https://hackersonlineclub.com/mobile-security-penetration-testing/
Ubuntu updates for TCP SACK Panic vulnerabilities
Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial of service attack, so it is crucial to have systems patched.
https://admin.insights.ubuntu.com/2019/07/05/mitigations-for-tcp-sack-panic-vulnerabilities
Patch systems against the SACK Panic vulnerabilities that could expose servers to a denial of service attack with Canonical's Kernel Livepatch.
Vulnerability in HPE UIoT
Publication date: 08/07/2019
Importance: 4 - High
Affected resources:
HPE Universal Internet of Things (UIoT), versions:
1.6;
1.5;
1.4.2;
1.4.1;
1.4.0;
1.2.4.2.
Description:
HPE has detected a high-severity vulnerability in multiple versions of UIoT.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-uiot-hpe
Vulnerability in HPE 3PAR Service Processor
Publication date: 09/07/2019
Importance: Critical
Affected resources:
HPE 3PAR Service Processor (SP), versions 4.1 through 4.4.
Description:
HPE has detected a critical-severity vulnerability in multiple versions of 3PAR Service Processor that could allow the disruption of confidentiality, integrity and availability.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-3par-service-processor-hpe
Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
A vulnerability in the Mac Zoom Client allows any malicious website to enable your camera without your permission. The flaw potentially exposes up to 750,000 companies around the world that use Zoom to conduct day-to-day business.
https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5
This new #phishing attack can bypass 2FA
https://www.seguridadapple.com/2019/07/este-nuevo-ataque-phishing-permite.html
For some years now, two-factor authentication has helped us protect our digital identity in a quick and simple...
Security Updates Released for #Adobe Bridge, Dreamweaver, and AEM
Adobe has published its monthly Patch Tuesday updates for the month of May 2019. These updates include fixes for vulnerabilities in Adobe Bridge CC, Adobe Experience Manager, and Adobe Dreamweaver.
https://www.bleepingcomputer.com/news/security/security-updates-released-for-adobe-bridge-dreamweaver-and-aem/
Over 1,300 #Android Apps Caught Collecting Data Even If You Deny Permissions
Smartphones are a goldmine of sensitive data, and modern apps work as diggers that continuously collect every possible piece of information from your devices.
https://thehackernews.com/2019/07/android-permission-bypass.html
#Microsoft Discovers #Fileless Astaroth #Trojan Campaign
A fileless malware campaign used by attackers to drop the information stealing Astaroth Trojan into the memory of infected computers was detected by Microsoft Defender ATP Research Team researchers.
https://www.bleepingcomputer.com/news/security/microsoft-discovers-fileless-astaroth-trojan-campaign/
Unpatched Prototype Pollution Flaw Affects All Versions of Popular #Lodash Library
Lodash, a popular npm library used by more than 4 million projects on GitHub alone, is affected by a high severity security vulnerability that could allow attackers to compromise the security of affected services using the library and their respective user base.
https://thehackernews.com/2019/07/lodash-prototype-pollution.html
Four Ways The Bad Guys Attack #Mobile Devices
Network based attacks
Device exploits
Phishing attacks
Malicious apps
https://blog.zimperium.com/not-fathers-endpoint-four-ways-bad-guys-attack-mobile-devices/
Changes to Ticket-Granting Ticket (TGT) Delegation Across Trusts in #Windows Server (PFE edition)
https://techcommunity.microsoft.com/t5/Premier-Field-Engineering/Changes-to-Ticket-Granting-Ticket-TGT-Delegation-Across-Trusts/ba-p/440283
Dismantling a #fileless campaign: #Microsoft Defender #ATP next-gen protection exposes #Astaroth attack
Microsoft Defender ATP Research Team
https://www.microsoft.com/security/blog/2019/07/08/dismantling-a-fileless-campaign-microsoft-defender-atp-next-gen-protection-exposes-astaroth-attack/
Advanced technologies in Microsoft Defender ATP's Antivirus exposed and defeated a widespread fileless campaign that completely “lived off the land” throughout a complex attack chain that runs the info-stealing backdoor Astaroth directly in memory.
Vulnerability in Intel® Processor Diagnostic Tool
Publication date: 10/07/2019
Importance: 4 - High
Affected resources:
Intel® Processor Diagnostic Tool for 32-bit, versions prior to 4.1.2.24_32bit.
Intel® Processor Diagnostic Tool for 64-bit, versions prior to 4.1.2.24_64bit.
Description:
A vulnerability has been published in Intel® Processor Diagnostic Tool that could allow an attacker to escalate privileges, cause a denial of service, or disclose information.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-intelr-processor-diagnostic-tool