#Lenovo Confirms 36TB Data Leak #Security #Vulnerability
[...]
Lenovo has now issued a security advisory which confirms that the firmware vulnerability “could allow an unauthenticated user to access files on NAS shares via the API.” According to the researchers, it was “trivially easy” to exploit that application programming interface (API) and allow attackers to access the data stored upon any of several Lenovo-EMC network-attached storage (NAS) devices. The full list of devices impacted by this vulnerability can be found in the Lenovo security advisory.
[...]
https://www.forbes.com/sites/daveywinder/2019/07/17/lenovo-confirms-36tb-data-leak-security-vulnerability/
Forbes
Lenovo Confirms 36TB Data Leak Security Vulnerability
Lenovo has issued yet another security advisory, in what has proven to be a busy few weeks as far as vulnerability disclosures are concerned. This one exposed at least 36TB of storage drive data.
#Iomega and LenovoEMC NAS Vulnerability
Lenovo Security Advisory: LEN-25557
Potential Impact: Information disclosure
Severity: High
Scope of Impact: Lenovo-specific
CVE Identifier: CVE-2019-6160
https://support.lenovo.com/es/es/product_security/len-25557
Remote code execution vulnerability in Palo Alto PAN-OS
Publication date: 19/07/2019
Severity: 5 - Critical
Affected resources:
PAN-OS 7.1.18 and earlier.
PAN-OS 8.0.11 and earlier.
PAN-OS 8.1.2 and earlier.
Description:
Palo Alto has published a critical-severity vulnerability that could allow an unauthenticated attacker to execute arbitrary code.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-ejecucion-remota-codigo-palo-alto-pan-os
Canadian Centre for Cyber Security Releases #Advisory on #Fileless #Malware
The Canadian Centre for Cyber Security (CCCS) has released an advisory on an #Astaroth fileless malware campaign affecting Microsoft Windows. Astaroth resides solely in memory, and an attacker can use it and other fileless malware to steal information, such as credentials and keystrokes, and obtain other sensitive data.
https://www.us-cert.gov/ncas/current-activity/2019/07/18/canadian-centre-cyber-security-releases-advisory-fileless-malware
#Microsoft #Windows Task Scheduler Local Privilege Escalation
https://packetstormsecurity.com/files/153698/taskschdEoP_Report.txt
Forwarded from 🔒Seguridad Informática
📃 "Measuring the 'Filter Bubble': How Google influences what you click" https://telegra.ph/Medici%C3%B3n-de-la-Burbuja-de-filtro-C%C3%B3mo-influye-Google-en-lo-que-haces-clic-06-17
Telegraph
Measuring the "Filter Bubble": How Google influences what you click
Over the years, there has been considerable debate about Google's "filter bubble" problem. Put simply, it is the manipulation of your search results based on your personal data. In practice, this means that the…
Sliver: a very interesting #framework for implants
Sliver is a Command and Control (C2) system built for #pentesters, #redteamers and advanced #APT. It generates implants (slivers) that can run on virtually every architecture, and securely manages these connections through a central server.
https://www.hackplayers.com/2019/06/sliver-un-framework-para-implants.html
Awesome #Sysadmin
A curated list of amazingly awesome open source sysadmin #resources.
https://github.com/kahun/awesome-sysadmin
GitHub
GitHub - kahun/awesome-sysadmin: A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP. - kahun/awesome-sysadmin
Hackers breach FSB contractor, expose Tor deanonymization project and more
SyTech, the hacked company, was working on research projects for the FSB, Russia's intelligence service.
https://www.zdnet.com/article/hackers-breach-fsb-contractor-expose-tor-deanonymization-project/
#Skadi v2019.4 releases: Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
Skadi is a free, open-source collection of tools that enable the collection, processing and advanced analysis of #forensic artifacts and images. It scales to work effectively on laptops, desktops, servers, the cloud and can be installed on top of #hardened / gold disk images.
https://securityonline.info/skadi/
Attacking Private Networks from the Internet with #DNS Rebinding
https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325
Medium
Attacking Private Networks from the Internet with DNS Rebinding
TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home…
#Linux #Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability
https://www.securityfocus.com/bid/108410/info
#ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers
#RCE
More than one million ProFTPD servers are vulnerable to remote code execution and information disclosure attacks that could be triggered after successful exploitation of an arbitrary file copy vulnerability.
https://www.bleepingcomputer.com/news/security/proftpd-remote-code-execution-bug-exposes-over-1-million-servers/
BleepingComputer
ProFTPD Vulnerability Lets Users Copy Files Without Permission
Under certain conditions, ProFTPD servers are vulnerable to remote code execution and information disclosure attacks after successful exploitation of an arbitrary file copy vulnerability in the mod_copy module.
#Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/22/apple-releases-multiple-security-updates
www.us-cert.gov
Apple Releases Multiple Security Updates | CISA
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages…
Hackers Exploit #Jira, Exim #Linux Servers to "Keep the Internet Safe"
Hackers are exploiting vulnerable Jira and #Exim servers with the end goal of infecting them with a new #Watchbog Linux Trojan variant and using the resulting botnet as part of a #Monero cryptomining operation.
Watchbog is a malware strain used to infect Linux servers by exploiting vulnerable software such as Jenkins during a campaign from May, as well as Nexus Repository Manager 3, ThinkPHP, and Linux Supervisord as part of an operation from March as discovered by Alibaba Cloud Security researchers.
https://www.bleepingcomputer.com/news/security/hackers-exploit-jira-exim-linux-servers-to-keep-the-internet-safe/
QCSuper: A tool for capturing 2G/3G/4G air traffic on Qualcomm-based phones
https://www.andreafortuna.org/2019/07/23/qcsuper-a-tool-for-capturing-2g-3g-4g-air-traffic-on-qualcomm-based-phones/
Andrea Fortuna
QCSuper: A tool for capturing 2G/3G/4G air traffic on Qualcomm-based phones
QCSuper is a tool allowing to capture raw 2G/3G/4G radio frames, generating PCAP captures using Qualcomm-based phones and modems. Lately, I have been playing with a 3G dongle – a small USB device enabling to connect to the mobile Internet. I have discovered…
Building #Resilience to Foreign Interference, #Misinformation Activities
https://www.us-cert.gov/ncas/current-activity/2019/07/22/building-resilience-foreign-interference-misinformation-activities
www.us-cert.gov
Building Resilience to Foreign Interference, Misinformation Activities | CISA
As part of the effort to #Protect2020, the Cybersecurity and Infrastructure Security Agency (CISA) is working with national partners to build resilience to foreign interferences, particularly information activities (e.g., disinformation, misinformation).
#PuTTY a free #SSH and #Telnet client
New in 0.72 (released 2019-07-20)
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
Forwarded from tpx Security ⠠⠵
Be careful when sharing Google Photos links!
A bug was discovered that allows access to a privately shared link without being logged in; simply opening the link in an incognito window is enough.
Be very careful.
#Comodo #Antivirus Affected With Multiple Vulnerabilities that Includes Privilege Escalation and Denial of Service
Researchers discovered five critical vulnerabilities in Comodo Antivirus / Advanced version. Of the five vulnerabilities, four are present in version 12.0.0.6810 and one in 11.0.0.6582.
https://gbhackers.com/comodo-antivirus-affected-with-multiple-vulnerabilities-that-includes-privilege-escalation-and-denial-of-service
GBHackers On Security
Comodo Antivirus Affected With Multiple Vulnerabilities
Researchers discovered five critical vulnerabilities in Comodo Antivirus / Comodo Antivirus Advanced. Of the five vulnerabilities, four are present in version 12.0.0.6810 and one in 11.0.0.6582.