#Cisco Releases Security Updates
Original release date: August 22, 2019
Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/08/22/cisco-releases-security-updates
Multiple vulnerabilities in Cisco products
Publication date: 23/08/2019
Importance: 5 - Critical
Affected resources:
Cisco IMC Supervisor:
version 2.1;
from version 2.2.0.0 to 2.2.0.6.
Cisco UCS Director, versions:
6.0,
6.5,
6.6.0.0 and 6.6.1.0,
6.7.0.0 and 6.7.1.0.
Cisco UCS Director Express for Big Data, versions:
3.0,
3.5,
3.6,
3.7.0.0 and 3.7.1.0.
Cisco IMC Supervisor:
version 2.1;
from 2.2.0.0 to 2.2.0.6.
Cisco UCS Director:
from 5.5.0.0 to 5.5.0.2;
from 6.0.0.0 to 6.0.1.3;
from 6.5.0.0 to 6.5.0.3;
versions 6.6.0.0 and 6.6.1.0;
from 6.7.0.0 to 6.7.2.0.
Cisco UCS Director Express for Big Data:
from 2.1.0.0 to 2.1.0.2;
from 3.0.0.0 to 3.0.1.3;
from 3.5.0.0 to 3.5.0.3;
versions 3.6.0.0 and 3.6.1.0;
from 3.7.0.0 to 3.7.2.0.
Description:
Multiple vulnerabilities in the web management interface of the affected products could allow a remote, unauthenticated attacker to gain administrator access to the system.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-52
Bitcoin Core Bug CVE-2018-17144: An Analysis
The Bitcoin world was surprised when last week, 0.16.3 was released to the public and everyone was urged to upgrade as soon as possible. The ostensible reason was that there was a Denial of Service (DoS) vector found in 0.14-0.16.2 that needed patching. Later on, we found out that there was the possibility of inflation due to the same bug in 0.15-0.16.2.
https://medium.com/hackernoon/bitcoin-core-bug-cve-2018-17144-an-analysis-f80d9d373362
Debian Security Advisory
DSA-4507-1 #squid -- security update
More information:
Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code.
For the stable distribution (buster), these problems have been fixed in version 4.6-1+deb10u1.
https://www.debian.org/security/2019/dsa-4507
Linux #Kodachi 6.2
The Linux Kodachi operating system is based on Xubuntu 18.04 LTS. It will provide you with a secure, anti-forensic, and anonymous operating system, considering all the features that a person who is concerned about privacy would need in order to be secure.
https://www.digi77.com/linux-kodachi/
Software Reverse Engineering With #Ghidra (Series):
https://www.youtube.com/playlist?list=PLRAe18TJ_NTE9cr18OPphn82WS8gVv-te
CVE-2019-12527: CODE EXECUTION ON #SQUID PROXY THROUGH A BUFFER OVERFLOW
https://www.zerodayinitiative.com/blog/2019/8/22/cve-2019-12527-code-execution-on-squid-proxy-through-a-heap-buffer-overflow
In this excerpt of a Trend Micro Vulnerability Research Service report, Saran Neti and Sivathmican Sivakumaran of the Trend Micro Research Team detail a recent buffer overflow vulnerability in the Squid web proxy. A remote, unauthenticated attacker could…
#Microsoft Warns of #Windows10 1703 End of Life for Enterprise
Microsoft warns the users of Windows 10, version 1703 Enterprise and Education editions to take action since this Windows 10 version will reach end of life on October 9, 2019.
The Home, Pro, Pro for Workstations, and IoT Core editions of Windows 10 v1703 reached end of service last year, on October 8, 2018.
https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-windows-10-1703-end-of-life-for-enterprise/
Network packet analysis with #Wireshark, #Elasticsearch and #Kibana
https://www.elastic.co/es/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana
Learn how to build a real-time data pipeline for network packet analysis with Wireshark, Filebeat, Logstash, ingest pipelines, Elasticsearch and Kibana.
Multiple vulnerabilities in Jenkins
Publication date: 29/08/2019
Importance: 4 - High
Affected resources:
Jenkins weekly, versions 2.191 and earlier;
Jenkins LTS, versions 2.176.2 and earlier.
Description:
Jenkins has published 2 vulnerabilities, one of high severity and one of medium severity. Exploiting either of these vulnerabilities could allow an attacker to carry out CSRF attacks or stored cross-site scripting attacks.
Solution:
Apply the following updates:
Jenkins weekly, version 2.192;
Jenkins LTS, version 2.176.3.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-jenkins-6
Multiple vulnerabilities in Cisco products
Publication date: 29/08/2019
Importance: 5 - Critical
Affected resources:
Cisco Integrated Services Virtual Router,
Firepower 4100 Series,
Firepower 9300 Security Appliances,
MDS 9000 Series Multilayer Switches,
Nexus 1000 Virtual Edge for VMware vSphere,
Nexus 1000V Switch for Microsoft Hyper-V,
Nexus 1000V Switch for VMware vSphere,
Nexus 3000 Series Switches,
Nexus 3500 Platform Switches,
Nexus 3600 Platform Switches,
Nexus 5500 Platform Switches,
Nexus 5600 Platform Switches,
Nexus 6000 Series Switches,
Nexus 7000 Series Switches,
Nexus 7700 Series Switches,
Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode,
Nexus 9000 Series Switches in standalone NX-OS mode,
Nexus 9500 R-Series Switching Platform,
UCS 6200 Series Fabric Interconnects,
UCS 6300 Series Fabric Interconnects,
UCS 6400 Series Fabric Interconnects.
Description:
Cisco has identified one critical-severity vulnerability and five high-severity vulnerabilities affecting multiple products. A remote, unauthenticated attacker could bypass authentication, execute commands with root privileges, cause a denial-of-service condition, or cause unexpected shutdowns of the affected devices.
https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-53
Black Hat USA 2019 material [Presentations, Papers and Tools]
https://www.blackploit.com/2019/08/material-de-black-hat-usa-2019.html
#Microsoft Lifts Update Block On #Windows 7 With #Symantec AV
Microsoft has raised the safeguard hold put in place to block Symantec or #Norton antivirus users from updating their Windows 7 and Windows Server 2008 R2 devices.
The update block added on August 14 was caused by Windows updates code signed using SHA-2 certificates being deleted during installation on Windows 7 SP1 and Windows Server 2008 R2 SP1 systems where Symantec and Norton AVs were installed, stopping the Windows installation from booting.
https://www.bleepingcomputer.com/news/microsoft/microsoft-lifts-update-block-on-windows-7-with-symantec-av/
Serious vulnerability in #PulseSecure #VPN
Publication date: 28/08/2019
Danger level: High
The Incident Response Team of the Centro Criptológico Nacional, CCN-CERT, warns of the mass exploitation of a serious vulnerability in the Pulse Secure SSL VPN service following the publication of a proof of concept on the Internet.
Vulnerability:
CVE-2019-11510: The vulnerability in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) would allow an attacker to read the contents of files on the affected server, potentially including those containing passwords or sensitive data.
The vulnerability can be exploited remotely, putting access to the organization's internal infrastructure at risk.
Affected resources:
Policy Secure 9.0R1 - 9.0R3.3
Pulse Policy Secure 5.4R1 - 5.4R7
Pulse Policy Secure 5.3R1 - 5.3R12
Pulse Policy Secure 5.2R1 - 5.2R12
Pulse Policy Secure 5.1R1 - 5.1R15
https://www.ccn-cert.cni.es/seguridad-al-dia/alertas-ccn-cert/8540-ccn-cert-al-04-19-vulnerabilidad-grave-en-pulse-secure-vpn.html
Threat Research
Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware
https://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html
Part one of a series about PDB paths, their relation to malware, and how they may be useful in both defensive and offensive operations.
#Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
https://www.us-cert.gov/ncas/current-activity/2019/08/29/cisco-releases-security-updates-multiple-products
KubeSecOps: #Kubernetes Security Practices You Should Follow
https://blog.sonatype.com/kubesecops-kubernetes-security-practices-you-should-follow
Karthik Gaekwad (@iteration1), a developer and cloud native evangelist at Oracle, shares tips and tools to ensure your Kubernetes containers are secure.
Forwarded from Security News for Everyone
https://blog.nivel4.com/noticias/plugins-populares-de-wordpress-identificados-con-vulnerabilidades-criticas-de-sql-injection/
Contributed by: closer
Popular WordPress plugins identified with critical SQL Injection vulnerabilities - NIVEL4 Labs
In total there are nine vulnerabilities, which received a CVSS score of 9.0 and were classified as critical severity. As we were saying: nine popular WordPress plugins were discovered with different...
Forwarded from Una al día
iPhone Zero Days: new high-capability spyware can monitor people's entire digital lives
https://unaaldia.hispasec.com/2019/08/iphone-zero-days-un-nuevo-spyware-de-altas-capacidades-puede-monitorizar-toda-la-vida-digital-de-las-personas.html
14 iPhone vulnerabilities have been the target of five exploit chains (tools that combine security vulnerabilities, allowing the attacker to penetrate each layer of iOS's digital protections). These chains are part of a…
[SECURITY] [DLA 1906-1] #python 2.7 security update
For Debian 8 "Jessie", this problem has been fixed in version 2.7.9-2+deb8u4.
https://lists.debian.org/debian-lts-announce/2019/08/msg00040.html