PoC Video:
1. How works Reverse Shells through Tor
2. HID attack + Reverse Meterpreter + Tor
https://youtu.be/cKYGTMkIDyE
1. How works Reverse Shells through Tor
2. HID attack + Reverse Meterpreter + Tor
https://youtu.be/cKYGTMkIDyE
YouTube
Sunshade and Blinds
1 - Connect backdoors through Tor
2 - Nethunter HID attack - powershell - Tor backdoor
https://goo.gl/U9eRWd
2 - Nethunter HID attack - powershell - Tor backdoor
https://goo.gl/U9eRWd
Con la Fall Creators Update, Linux ya es parte integral de Windows 10.
Y esto abre un mundo nuevo a fuente de amenazas, salto de restricciones, etc.
https://www.genbeta.com/windows/con-la-fall-creators-update-linux-ya-es-parte-integral-de-windows-10/amp
Y esto abre un mundo nuevo a fuente de amenazas, salto de restricciones, etc.
https://www.genbeta.com/windows/con-la-fall-creators-update-linux-ya-es-parte-integral-de-windows-10/amp
#Debian Aplicado parche para #KRACK vía apt "wpasupplicant (2:2.4-1+deb9u1) sobre (2:2.4-1)" info:
https://www.debian.org/security/2017/dsa-3999
https://www.debian.org/security/2017/dsa-3999
New Adobe Flash zero-day exploit used in targeted attacks by the BlackOasis APT - patch available now:
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
Adobe
Free and discontinued products | Support options
Phone and chat support is not available for free or discontinued software or services. Learn what other support resources might be available.
Adobe Releases Security Updates
https://t.co/dQHITcBeo0
https://t.co/dQHITcBeo0
www.us-cert.gov
Adobe Releases Security Updates
Adobe has released security updates to address a vulnerability in Adobe Flash Player. A remote attacker could exploit this vulnerability to take control of an affected system.US-CERT encourages users and administrators to review Adobe Security Bulletin APSB17…
Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices.
#ROCA
https://thehackernews.com/2017/10/rsa-encryption-keys.html?m=1
#ROCA
https://thehackernews.com/2017/10/rsa-encryption-keys.html?m=1
The Hacker News
Serious Crypto-Flaw Lets Hackers Recover Private RSA Keys Used in Billions of Devices
Vulnerable Infineon’s Trusted Platform Module (TPM) Allows Hackers to Recover Private RSA Encryption Keys From Public Keys
Múltiples vulnerabilidades en #Citrix XenServer https://t.co/Mb0Q82EaA4
CERTSI
Múltiples vulnerabilidades en Citrix XenServer
Han sido identificadas múltiples vulnerabilidades en el producto XenServer de la compañía Citrix las cuales pueden permitir a un atacante comprometer el servidor anfitrión de la máquina virtual afectada.
Open Source Security Incident and Event Management: SIEMonster
https://t.co/fv09TBzkww #InfoSec #CyberSecurity
https://t.co/fv09TBzkww #InfoSec #CyberSecurity
Sharing the same IP address as a criminal? Law enforcement call for the end of CGN to increase accountability online.
https://t.co/MT8MNUzdIF
https://t.co/MT8MNUzdIF
Europol
Are you sharing the same IP address as a criminal? Law enforcement call for the end of Carrier Grade NAT (CGN) to increase accountability…
On 13 October 2017, the Estonian Presidency of the Council of the EU and Europol held a workshop attended by 35 EU policy-makers and law enforcement officials, to address the increasing problem of non-crime attribution associated with the widespread use of…
Millions of high-security crypto keys crippled by newly discovered flaw
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/
https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-of-high-security-keys-750k-estonian-ids/
Ars Technica
Millions of high-security crypto keys crippled by newly discovered flaw
Factorization weakness lets attackers impersonate key holders and decrypt their data.
The latest pfSense 2.3.5 and 2.4.1 snapshots now have KRACK attack fixes.
#KRACKAttacks
https://t.co/DjLomlBj5K
#KRACKAttacks
https://t.co/DjLomlBj5K
snapshots.pfsense.org
pfSense Snapshot Releases - pfsense.org
The pfSense Project's Snapshot Releases
Androl4b: máquina virtual para análisis forense de apps de Android
http://blog.segu-info.com.ar/2017/10/androl4b-maquina-virtual-para-analisis.html?utm_source=Segu.Info&utm_medium=twitter&utm_campaign=seguinfo&m=1
http://blog.segu-info.com.ar/2017/10/androl4b-maquina-virtual-para-analisis.html?utm_source=Segu.Info&utm_medium=twitter&utm_campaign=seguinfo&m=1
blog.segu-info.com.ar
Androl4b: máquina virtual para análisis forense de apps de Android
En el caso del análisis forense de Android, uno de los entornos más completos para este análisis de malware es Androl4b : una máquina virtua...
Vendor Information for VU#228519
#KRACK
Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse
Listado de fabricantes afectados con fecha de parcheo en su caso.
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
#KRACK
Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse
Listado de fabricantes afectados con fecha de parcheo en su caso.
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Si no aplicaste los parches de #Oracle corres el riesgo de estar expuesto a 250 #vulnerabilidades. Echa el cerrojo.
https://t.co/k6u2JUteuW
Oracle Critical Patch Update
http://www.oracle.com/technetwork/security-advisory/cpuoct2017verbose-3236627.html
https://t.co/k6u2JUteuW
Oracle Critical Patch Update
http://www.oracle.com/technetwork/security-advisory/cpuoct2017verbose-3236627.html
www.theregister.co.uk
Oracle Hospitality apps rolled out the Big Red carpet to crims
Brrrt! Brrrt! Brrrt! Big Red's bug gun targets 252 bugs, and you for not patching fast enough
Lenovo Android Tablet and Lenovo VIBE, Moto, and ZUK Mobile Phone Remote Code Execution Vulnerability
https://support.lenovo.com/es/es/product_security/len-15374
https://support.lenovo.com/es/es/product_security/len-15374
Google Releases Security Updates for Chrome
https://t.co/vaH9jT2cJB
https://t.co/vaH9jT2cJB
www.us-cert.gov
Google Releases Security Updates for Chrome | US-CERT
Google has released Chrome version 62.0.3202.62 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.US-CERT encourages users and administrators…
Teléfono inteligente #FäristMobile desarrollado por CCN apto para manejar información clasificada RESTRICTED por UE
https://t.co/cCO7oGyHgA
https://t.co/cCO7oGyHgA
www.ccn-cert.cni.es
El sistema para protección de las comunicaciones móviles Färist Mobile aprobado para manejar información clasificada RESTRICTED…
Bienvenido al portal de CCN-CERT
Cisco Releases Security Updates
https://t.co/K5xStbUdz8
https://t.co/K5xStbUdz8
www.us-cert.gov
Cisco Releases Security Updates
Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review the following Cisco…