OpenSMTPD Vulnerability

The CERT Coordination Center (CERT/CC) has released information on a vulnerability affecting OpenSMTPD. An attacker could exploit this vulnerability to take control of an affected system. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review CERT/CC’s Vulnerability Note VU#390745 and apply the necessary updates.

https://www.us-cert.gov/ncas/current-activity/2020/02/03/opensmtpd-vulnerability

New EmoCheck Tool Checks if You're Infected With Emotet

A new utility has been released by Japan CERT (computer emergency response team) that allows Windows users to easily check if they are infected with the Emotet Trojan.

https://www.bleepingcomputer.com/news/security/new-emocheck-tool-checks-if-youre-infected-with-emotet/

Mysterious New Ransomware Targets Industrial Control Systems

EKANS appears to be the work of cybercriminals, rather than nation-state hackers—a worrying development, if so.

https://www.wired.com/story/ekans-ransomware-industrial-control-systems/

Múltiples vulnerabilidades en Squid

Fecha de publicación: 04/02/2020
Importancia: 4 - Alta

Recursos afectados:
Las siguientes versiones de Squid:
desde la 2.x hasta la 2.7.STABLE9;
desde la 3.x hasta la 3.5.28;
desde la 4.x hasta la 4.9.

Descripción:
Se han detectado tres vulnerabilidades en múltiples versiones del servidor proxy Squid que podrían permitir a un atacante omitir los controles de seguridad de acceso, la denegación del servicio o la divulgación de información.

Solución:
Actualizar a la versión 4.10.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-squid-1

IRS Launches “Identity Theft Central” Webpage

The Internal Revenue Service (IRS) has launched its “Identity Theft Central” webpage to provide 24/7 access to online information regarding tax-related identity theft and data security protection. Tax-related identity theft occurs when someone steals personal information to commit tax fraud.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages taxpayers, tax professionals, and businesses to review the IRS news release and CISA’s Tip on Preventing and Responding to Identity Theft for more information

https://www.us-cert.gov/ncas/current-activity/2020/02/04/irs-launches-identity-theft-central-webpage

El IRS trabajará con víctimas del robo de identidad

https://www.irs.gov/es/identity-theft-central

Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-nxos-cdp-rce

Cisco Patches Critical CDP Flaws Affecting Millions of Devices

https://www.bleepingcomputer.com/news/security/cisco-patches-critical-cdp-flaws-affecting-millions-of-devices/

Google expuso por error vídeos privados de usuarios

https://unaaldia.hispasec.com/2020/02/google-expuso-por-error-videos-privados-de-usuarios.html

Múltiples vulnerabilidades en productos de Cisco

Fecha de publicación: 06/02/2020
Importancia: 4 - Alta

Descripción:
Dos investigadores de Armis, Barak Hadad y Ben Seri, han notificado a Cisco cinco vulnerabilidades de criticidad alta. Un atacante próximo, no autenticado, podría generar una condición de denegación de servicio, ejecución de código arbitrario, incluso con privilegios de root, y ocasionar reinicios en los dispositivos.

https://www.incibe-cert.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-productos-cisco-61

Critical Android Bluetooth Flaw Exploitable without User Interaction

Android users are urged to apply the latest security patches released for the operating system on Monday that address a critical vulnerability in the Bluetooth subsystem.

An attacker could leverage the security flaw, now identified as CVE-2020-0022 without user participation to run arbitrary code on the device with the elevated privileges of the Bluetooth daemon when the wireless module is active.

https://www.bleepingcomputer.com/news/security/critical-android-bluetooth-flaw-exploitable-without-user-interaction/

Bienvenidos a Telegram.

¡@fluproject estrena canal en Telegram!
Autor: G0nt3r

Windows Server 2008 Servers Don’t Boot After KB4539602 Update

Windows Server 2008 servers will no longer boot if prerequisites aren't installed before applying the out-of-band KB4539602 update released by Microsoft on February 7 to patch a wallpaper bug.

https://www.bleepingcomputer.com/news/microsoft/windows-server-2008-servers-don-t-boot-after-kb4539602-update/

#UnderDOCS Febrero 2020 - Número 7
📌 https://underc0de.org/foro/e-zines/underdocs-febrero-2020-numero-7/

En esta edición disfruten de:

• Noticias informáticas
• Hacking
• Pentesting
• GNU/Linux
• Programación
• QA Analítica Web
• Privacidad
• Debates
• CTF/Retos (soluciones)
• UNDERTOOLS DIY: En esta sección descubrirás Hacking Tools útiles que puedes hacer tú mismo, con apoyo de un pequeño taller práctico.
• OFF TOPIC: Encuentra al final de cada entrega nuestra sección especial con: desafíos, temas virales, mensajes/opiniones de nuestros usuarios, y mucho más.

Esperamos que sea de su agrado y desde luego nos encantará leer sus comentarios, en este post o vía e-mail info@Underc0de.org | redacciones@Underc0de.org
todas las observaciones nos ayudan a mejorar UnderDOCS.

Encontradas varias aplicaciones en Google Play que instalaban malware en los dispositivos

https://unaaldia.hispasec.com/2020/02/encontradas-varias-aplicaciones-en-google-play-que-instalaban-malware-en-los-dispositivos.html

Se destapa el mayor escándalo de espionaje de la CIA en los últimos años

https://computerhoy.com/noticias/tecnologia/destapa-mayor-escandalo-espionaje-cia-ultimos-anos-579739

Intel Releases Security Updates

Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit these vulnerabilities to gain escalation of privileges.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Intel advisories and apply the necessary updates:

RWC3 Advisory INTEL-SA-00341
MPSS Advisory INTEL-SA-00340
RWC2 Advisory INTEL-SA-00339
SGX SDK Advisory INTEL-SA-00336
CSME Advisory INTEL-SA-00307
Renesas Electronics USB 3.0 Driver Advisory INTEL-SA-00273

https://www.us-cert.gov/ncas/current-activity/2020/02/11/intel-releases-security-updates

Microsoft Patches Actively Exploited Internet Explorer Zero-Day

Microsoft released security updates to patch an actively exploited zero-day remote code execution (RCE) vulnerability impacting multiple versions of Internet Explorer.

In the middle of January 2020, Microsoft released an advisory about an Internet Explorer zero-day vulnerability (CVE-2020-0674) that was publicly disclosed and being actively exploited by attackers.

https://www.bleepingcomputer.com/news/security/microsoft-patches-actively-exploited-internet-explorer-zero-day/

Mozilla Releases Security Updates for Multiple Products

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Mozilla Security Advisories and apply the necessary updates:

Firefox 73
Firefox ESR 68.5
Thunderbird 68.5

https://www.us-cert.gov/ncas/current-activity/2020/02/11/mozilla-releases-security-updates-multiple-products