SNAKE Ransomware is targeting business networks

A new piece of ransomware called SNAKE appeared in threat landscape, the malware is now targeting company networks.

https://securityaffairs.co/wordpress/96137/malware/snake-ransomware.html

Múltiples vulnerabilidades en productos Juniper

Fecha de publicación: 09/01/2020
Importancia: 4 - Alta

Descripción: 
Se han publicado múltiples vulnerabilidades en productos Juniper que podrían permitir a un atacante ejecutar comandos como root, provocar la denegación del servicio, secuestrar la sesión J-Web para llevar a cabo acciones de administración o provocar el cierre inesperado y el reinicio del dispositivo.

Solución: 
Actualizar los productos afectados desde el centro de descargas de Juniper.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-juniper-6

Múltiples vulnerabilidades en productos Cisco

Fecha de publicación: 09/01/2020
Importancia: 4 - Alta

Recursos afectados: 
Cisco IOS y Cisco IOS XE, versiones anteriores a 16.1.1 con la funcionalidad HTTP Server habilitada.
Cisco Webex Video Mesh, versiones anteriores a 2019.09.19.1956m.

Descripción: 
Se han identificado dos vulnerabilidades en productos Cisco, ambas de severidad alta, que podrían permitir a un atacante remoto realizar CSRF (Cross-Site Request Forgery) o inyección de comandos en el sistema afectado.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-59

Mozilla Patches Critical Vulnerability

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/01/08/mozilla-patches-critical-vulnerability

Citrix Application Delivery Controller and Citrix Gateway Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway. A remote attacker could exploit this vulnerability to run arbitrary code on a targeted system. This vulnerability was detected in exploits in the wild.   

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#619785 and Citrix Security Bulletin CTX267027 for more information and workarounds.

https://www.us-cert.gov/ncas/current-activity/2020/01/08/citrix-application-delivery-controller-and-citrix-gateway

Mozilla Releases Security Updates for Firefox and Firefox ESR

Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 72 and Firefox ESR 68.4 and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/01/08/mozilla-releases-security-updates-firefox-and-firefox-esr

Google Releases Security Updates for Chrome

Google has released security updates for Chrome version 79.0.3945.117 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/01/08/google-releases-security-updates-chrome

Juniper Networks Releases Security Updates

Juniper Networks has released security updates to address multiple vulnerabilities in various Juniper products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
 
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Juniper Security Advisories webpage and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/01/09/juniper-networks-releases-security-updates

Alert (AA20-010A)

Continued Exploitation of Pulse Secure VPN Vulnerability

https://www.us-cert.gov/ncas/alerts/aa20-010a

#UnderDOCS - #Enero 2020, Número 6
📌 https://underc0de.org/foro/e-zines/underdocs-enero-2020-numero-6/msg138108/#msg138108

En esta edición disfruten de:

• Criptomonedas/Blockchain
• Noticias Informáticas
• Hacking/Pentesting
• Seguridad Informática
• QA Analítica web
• Privacidad
• Off Topic

#Citrix ADC CVE-2019-19781 Exploits Released, Fix Now!

Numerous working exploits for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability are finally here and have been publicly posted in numerous locations. There is no patch available for this vulnerability, but Citrix has provided mitigations, which should be applied now!

https://www.bleepingcomputer.com/news/security/citrix-adc-cve-2019-19781-exploits-released-fix-now/

PoC Exploits Released for #Citrix ADC and Gateway RCE Vulnerability

It's now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers.

https://thehackernews.com/2020/01/citrix-adc-gateway-exploit.html

#Sodinokibi #Ransomware Publishes Stolen Data for the First Time

For the first time, the operators behind the Sodinokibi Ransomware have released files stolen from one of their victims because a ransom was not paid in time.

https://www.bleepingcomputer.com/news/security/sodinokibi-ransomware-publishes-stolen-data-for-the-first-time/

Maze #Ransomware Publishes 14GB of Stolen Southwire Files

The Maze Ransomware operators have released an additional 14GB of files that they claim were stolen from one of their victims for not paying a ransomware demand.

https://www.bleepingcomputer.com/news/security/maze-ransomware-publishes-14gb-of-stolen-southwire-files/

CISA Releases Test for Citrix ADC and Gateway Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has released a utility that enables users and administrators to test whether their Citrix Application Delivery Controller (ADC) and Citrix Gateway software is susceptible to the CVE-2019-19781 vulnerability. According to Citrix Security Bulletin CTX267027, beginning on January 20, 2020, Citrix will be releasing new versions of Citrix ADC and Citrix Gateway that will patch CVE-2019-19781.

CISA strongly advises affected organizations to review CERT/CC’s Vulnerability Note VU#619785 and Citrix Security Bulletin CTX267027 and apply the mitigations until Citrix releases new versions of the software.

https://www.us-cert.gov/ncas/current-activity/2020/01/13/cisa-releases-test-citrix-adc-and-gateway-vulnerability

Cisco addressed a high-severity bug in Webex that could allow Remote Code Execution

Tech giant Cisco has recently addressed two high-severity vulnerabilities affecting its Webex and IOS XE Software products.

https://securityaffairs.co/wordpress/96384/security/cisco-webex-rce.html

Microsoft expected to patch major Windows security flaw today, and may NOT patch Windows 7

https://mspoweruser.com/microsoft-expected-to-patch-major-windows-security-flaw-today-and-may-not-patch-windows-7/

What is Cable Haunt?

Cable Haunt is a critical vulnerability found in cable modems from various manufacturers across the world. The vulnerability enables remote attackers to execute abitrary code on your modem,

https://cablehaunt.com/

CISA Releases Test Tool for Citrix ADC and Gateway Vulnerability – Sysadmins Can Test Now

https://gbhackers.com/citrix-test-tool/

Microsoft Releases January 2020 Security Updates

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s January 2020 Security Update Summary and Deployment Information and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/01/14/microsoft-releases-january-2020-security-updates

CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI and Windows Remote Desktop Protocol (RDP) server and client. A remote attacker could exploit these vulnerabilities to decrypt, modify, or inject data on user connections.

https://www.us-cert.gov/ncas/current-activity/2020/01/14/cisa-releases-emergency-directive-and-activity-alert-critical