Creando un laboratorio de #Pentesting con #GNS3 y #Docker

https://www.dragonjar.org/creando-un-laboratorio-de-pentesting-gns3.xhtml

Extracción de configuración de malware con MalConfScan (plugin de #Volatility)

#Hackplayers

https://www.hackplayers.com/2019/08/extraccion-de-configuracion-de-malware.html

Analysing #RPC With #Ghidra and Neo4j

https://blog.xpnsec.com/analysing-rpc-with-ghidra-neo4j

MITRE ATT&CK™

https://medium.com/mitre-attack

Critical Remote Code Execution Vulnerability in #DHCP Client Let Hackers Take Control of the Network

https://gbhackers.com/dhcp-client/

#NVIDIA Patches High Severity Flaws in Windows GPU Display Driver

NVIDIA released a GPU display driver security update to fix five high and medium severity vulnerabilities that could lead to local code execution, escalation of privileges, and denial of service on vulnerable Windows computers.

https://www.bleepingcomputer.com/news/security/nvidia-patches-high-severity-flaws-in-windows-gpu-display-driver/

NTAP-20190802-0001: August 2019 VxWorks TCP/IP Stack (IPNET) Vulnerabilities in #NetApp Products
https://security.netapp.com/advisory/ntap-20190802-0001/

#Cisco Releases Security Updates

Cisco has released security updates to address a vulnerability in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to take control of an affected system.

https://www.us-cert.gov/ncas/current-activity/2019/08/01/cisco-releases-security-updates

#Pentesting #ActiveDirectory & Pentesting Active Directory Forests

https://www.sniferl4bs.com/2019/08/pentesting-active-directory-pentesting.html

#VMware Releases Security Updates for Multiple Products

https://www.us-cert.gov/ncas/current-activity/2019/08/03/vmware-releases-security-updates-multiple-products

Elevación de privilegios con Avira Software Updater

https://unaaldia.hispasec.com/2019/08/elevacion-de-privilegios-con-avira-software-updater.html

One Misconfig ( #JIRA ) to Leak Them All- Including NASA and Hundreds of Fortune 500 Companies!

https://medium.com/@logicbomb_1/one-misconfig-jira-to-leak-them-all-including-nasa-and-hundreds-of-fortune-500-companies-a70957ef03c7

An Introduction To Code Analysis With #Ghidra

https://threatvector.cylance.com/en_us/home/an-introduction-to-code-analysis-with-ghidra.html

Beware of Emails Asking You to "Confirm Your Unsubscribe" Request

A long-running #scam email campaign that pretends to be an unsubscribe confirmation request has seen an uptick recently. These emails should never be clicked on or responded to as they are designed to harvest working email addresses or to perform some other type of scam.

https://www.bleepingcomputer.com/news/security/beware-of-emails-asking-you-to-confirm-your-unsubscribe-request/

Package : #proftpd dfsg
CVE ID : CVE-2019-12815
Debian Bug : 932453

Tobias Maedel discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.

https://lists.debian.org/debian-security-announce/2019/msg00139.html

Múltiples vulnerabilidades en productos VMware

Fecha de publicación: 05/08/2019
Importancia: 4 - Alta

Recursos afectados: 
VMware vSphere ESXi, versiones 6.5 y 6.7.
VMware Workstation Pro / Player, versiones 14.x y 15.x.
VMware Fusion Pro / Fusion, versiones 10.x y 11.x.

Descripción: 
Piotr Bania, de Cisco Talos, ha reportado dos vulnerabilidades a VMware, de lectura y escritura fuera de límites que afectan a los productos ESXi, Workstation y Fusion.

#Incibe

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-vmware-10

#Microsoft launches #Azure Security Lab, expands #bugbounty rewards

Researchers can earn up to $40,000 for reporting Azure vulnerabilities.

https://www.zdnet.com/article/microsoft-announces-azure-security-lab-azure-bug-bounty-expansion/

ECh0raix #Ransomware #Decryptor Restores #QNAP Files For Free

A decryptor for the eCh0raix Ransomware, or QNAPCrypt,  has been released that allows victims to recover encrypted files on their QNAP NAS devices.

https://www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores-qnap-files-for-free/

¿NECESITAS AYUDA para desbloquear tu vida digital sin pagar el rescate a tus atacantes?

#decryptor #Ransomware

https://www.nomoreransom.org/

Hide *Exploitable* Extended-Rights (including DCSync privs) to remain persistence

#ActiveDirectory

https://medium.com/@huykha/hide-exploitable-extended-rights-to-remain-persistence-92a2e1d3670d

Auditing containers with #osquery

When running containers in production with Docker, bad configurations can easily lead to vulnerable environments: privileged containers, processes inside a container that are running with the root user or lack of AppArmor profiles for security restrictions are some common examples. An attacker who exploits application vulnerabilities in the container could use this lack of restrictions to access to the host or other servers on your network. Using osquery, we will query the Docker daemon like a relational database and quickly identify these security flaws.

https://itnext.io/auditing-containers-with-osquery-389636f8c420