Técnica Anti-VM con MSAcpi_ThermalZoneTemperature
#Hackplayers

https://www.hackplayers.com/2019/07/anti-vm-msacpi-thermalzonetemperature.html

Las conversaciones de Apple Siri son revisadas por empresas externas poniendo en riesgo la privacidad de los usuarios
#privacidad

https://www.seguridadapple.com/2019/07/las-conversaciones-de-apple-siri-son.html

How an attacker can target #phishing attacks


There are a number of ways attackers can exploit public information about your organization's employees. CSO Online's Susan Bradley walks through how an attacker can gain access to your organization's Office 365 accounts and how you can protect your enterprise from these potential attacks.

https://www.csoonline.com/video/97009/how-an-attacker-can-target-phishing-attacks

AWDL flaws open #Apple users to tracking, #MitM, malware planting

Vulnerabilities in Apple Wireless Direct Link (AWDL), the wireless protocol that underpins Apple’s AirPlay and AirDrop services, could allow attackers to track users in spite of MAC randomization, to intercept and modify transmitted files, and to prevent transmission or crash devices altogether.

https://www.helpnetsecurity.com/2019/07/31/apple-airdrop-issues/

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack.

https://securityaffairs.co/wordpress/89165/hacking/oxid-eshop-flaws.html

#CISA Releases Advisory on Wind River #VxWorks Platform

The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

https://www.us-cert.gov/ncas/current-activity/2019/07/30/cisa-releases-advisory-wind-river-vxworks-platform

Vulnerabilidad de validación incorrecta de entrada en las series Nexus 9000 de Cisco

Fecha de publicación: 01/08/2019
Importancia: 4 - Alta

Recursos afectados: 
Series Nexus 9000 del producto Cisco Fabric Switches en modo ACI, si están ejecutando el software Cisco Nexus 9000 Series ACI en modo switch, versiones anteriores a 13.2(7f) o cualquiera de la rama 14.x.

Descripción: 
Una vulnerabilidad en el subsistema Link Layer Discovery Protocol (LLDP), del software Cisco Nexus 9000 Series ACI en modo switch, permitiría a un atacante adyacente no autenticado provocar una condición de denegación de servicio (DoS) o ejecutar código arbitrario con privilegios de root.

Solución: 
Las actualizaciones que corrigen la vulnerabilidad indicada pueden descargarse desde: Panel de descarga de Software Cisco.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-validacion-incorrecta-entrada-las-series-nexus-9000

Múltiples vulnerabilidades en productos de HPE

Fecha de publicación: 02/08/2019
Importancia: 5 - Crítica

Recursos afectados: 
HPE 3PAR Service Processor, versiones anteriores a 5.0.5.1
HPE 3PAR StoreServ Management y Core Software Media, versiones anteriores a 3.5.0.1

Descripción: 
El equipo de respuesta de seguridad de HPE ha descubierto múltiples vulnerabilidades en varios productos del fabricante.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-4

Practical case: Crack Me 0x01

#CTF #pentesters

The challenge in this practical case is taken from the Pen.Test CTF 2018 of the Platform Voor Informatiebeveiliging(Platform For Information Security), which took place on the 11th of October 2018. The challenge has been created by Jeffrey Jansen from Access42. During the CTF, I solved this challenge together with my team mate Exploiteer.

https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-crack-me-0x01/

Creando un laboratorio de #Pentesting con #GNS3 y #Docker

https://www.dragonjar.org/creando-un-laboratorio-de-pentesting-gns3.xhtml

Extracción de configuración de malware con MalConfScan (plugin de #Volatility)

#Hackplayers

https://www.hackplayers.com/2019/08/extraccion-de-configuracion-de-malware.html

Analysing #RPC With #Ghidra and Neo4j

https://blog.xpnsec.com/analysing-rpc-with-ghidra-neo4j

MITRE ATT&CK™

https://medium.com/mitre-attack

Critical Remote Code Execution Vulnerability in #DHCP Client Let Hackers Take Control of the Network

https://gbhackers.com/dhcp-client/

#NVIDIA Patches High Severity Flaws in Windows GPU Display Driver

NVIDIA released a GPU display driver security update to fix five high and medium severity vulnerabilities that could lead to local code execution, escalation of privileges, and denial of service on vulnerable Windows computers.

https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/

NTAP-20190802-0001: August 2019 VxWorks TCP/IP Stack (IPNET) Vulnerabilities in #NetApp Products
https://security.netapp.com/advisory/ntap-20190802-0001/

#Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system.

https://www.us-cert.gov/ncas/current-activity/2019/08/01/cisco-releases-security-updates

#Pentesting #ActiveDirectory & Pentesting Active Directory Forests

https://www.sniferl4bs.com/2019/08/pentesting-active-directory-pentesting.html

#VMware Releases Security Updates for Multiple Products

https://www.us-cert.gov/ncas/current-activity/2019/08/03/vmware-releases-security-updates-multiple-products

Elevación de privilegios con Avira Software Updater

https://unaaldia.hispasec.com/2019/08/elevacion-de-privilegios-con-avira-software-updater.html

One Misconfig ( #JIRA ) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies!

https://medium.com/@logicbomb_1/one-misconfig-jira-to-leak-them-all-including-nasa-and-hundreds-of-fortune-500-companies-a70957ef03c7