Hacking eCommerce sites based on OXID eShop by chaining 2 flaws
Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack.
https://securityaffairs.co/wordpress/89165/hacking/oxid-eshop-flaws.html
#CISA Releases Advisory on Wind River #VxWorks Platform
The Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) Advisory on multiple vulnerabilities in the Wind River VxWorks Platform. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/07/30/cisa-releases-advisory-wind-river-vxworks-platform
Improper input validation vulnerability in Cisco Nexus 9000 Series
Publication date: 01/08/2019
Importance: 4 - High
Affected resources:
Cisco Nexus 9000 Series Fabric Switches in ACI mode, if they are running Cisco Nexus 9000 Series ACI mode switch software, versions prior to 13.2(7f) or any version of the 14.x branch.
Description:
A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco Nexus 9000 Series ACI mode switch software could allow an unauthenticated adjacent attacker to cause a denial-of-service (DoS) condition or execute arbitrary code with root privileges.
Solution:
Updates that fix this vulnerability can be downloaded from: Cisco Software Download panel.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/vulnerabilidad-validacion-incorrecta-entrada-las-series-nexus-9000
Multiple vulnerabilities in HPE products
Publication date: 02/08/2019
Importance: 5 - Critical
Affected resources:
HPE 3PAR Service Processor, versions prior to 5.0.5.1
HPE 3PAR StoreServ Management and Core Software Media, versions prior to 3.5.0.1
Description:
The HPE security response team has discovered multiple vulnerabilities in several of the vendor's products.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-hpe-4
Practical case: Crack Me 0x01
#CTF #pentesters
The challenge in this practical case is taken from the Pen.Test CTF 2018 of the Platform Voor Informatiebeveiliging (Platform For Information Security), which took place on the 11th of October 2018. The challenge has been created by Jeffrey Jansen from Access42. During the CTF, I solved this challenge together with my teammate Exploiteer.
https://maxkersten.nl/binary-analysis-course/assembly-basics/practical-case-crack-me-0x01/
Creating a #Pentesting lab with #GNS3 and #Docker
https://www.dragonjar.org/creando-un-laboratorio-de-pentesting-gns3.xhtml
Malware configuration extraction with MalConfScan (#Volatility plugin)
#Hackplayers
https://www.hackplayers.com/2019/08/extraccion-de-configuracion-de-malware.html
New types of malware are discovered every day. However, many of them are actually variants of existing malware: ...
Critical Remote Code Execution Vulnerability in #DHCP Client Let Hackers Take Control of the Network
https://gbhackers.com/dhcp-client/
A critical remote code execution vulnerability that resides in the DHCP client allows attackers to take control of the system by sending malicious DHCP reply packets.
#NVIDIA Patches High Severity Flaws in Windows GPU Display Driver
NVIDIA released a GPU display driver security update to fix five high and medium severity vulnerabilities that could lead to local code execution, escalation of privileges, and denial of service on vulnerable Windows computers.
https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/
NTAP-20190802-0001: August 2019 VxWorks TCP/IP Stack (IPNET) Vulnerabilities in #NetApp Products
https://security.netapp.com/advisory/ntap-20190802-0001/
Multiple NetApp products incorporate VxWorks. VxWorks versions 7(SR540 and SR610), 6.5 through 6.9.4.11 and versions of VxWorks using the Interpeak standalone network stack are susceptible to vulnerabilities which when successfully exploited could lead to…
#Cisco Releases Security Updates
Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/08/01/cisco-releases-security-updates
#Pentesting #ActiveDirectory & Pentesting Active Directory Forests
https://www.sniferl4bs.com/2019/08/pentesting-active-directory-pentesting.html
It's Friday and the blog is back with a post? Something strange is going on here. If you are on the other side of the pond, it's Saturday morning. ...
#VMware Releases Security Updates for Multiple Products
https://www.us-cert.gov/ncas/current-activity/2019/08/03/vmware-releases-security-updates-multiple-products
VMware has released a security advisory to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages…
Forwarded from Una al día
Privilege escalation with Avira Software Updater
https://unaaldia.hispasec.com/2019/08/elevacion-de-privilegios-con-avira-software-updater.html
Avira Software Updater is a tool designed to automatically update all the programs, applications and drivers installed on the computer, both those belonging to Micr…
One Misconfig ( #JIRA ) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies!
https://medium.com/@logicbomb_1/one-misconfig-jira-to-leak-them-all-including-nasa-and-hundreds-of-fortune-500-companies-a70957ef03c7
An Introduction To Code Analysis With #Ghidra
https://threatvector.cylance.com/en_us/home/an-introduction-to-code-analysis-with-ghidra.html
Ghidra is a free software reverse-engineering framework developed by the NSA and released as open-source software. Learn how to use Ghidra to perform malicious code analysis.
Beware of Emails Asking You to "Confirm Your Unsubscribe" Request
A long-running #scam email campaign that pretends to be an unsubscribe confirmation request has seen an uptick recently. These emails should never be clicked on or responded to as they are designed to harvest working email addresses or to perform some other type of scam.
https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/
Package : #proftpd dfsg
CVE ID : CVE-2019-12815
Debian Bug : 932453
Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.
https://lists.debian.org/debian-security-announce/2019/msg00139.html
Multiple vulnerabilities in VMware products
Publication date: 05/08/2019
Importance: 4 - High
Affected resources:
VMware vSphere ESXi, versions 6.5 and 6.7.
VMware Workstation Pro / Player, versions 14.x and 15.x.
VMware Fusion Pro / Fusion, versions 10.x and 11.x.
Description:
Piotr Bania, of Cisco Talos, has reported two vulnerabilities to VMware, an out-of-bounds read and an out-of-bounds write, that affect the ESXi, Workstation and Fusion products.
#Incibe
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-10