Oracle ha publicado una vulnerabilidad de severidad crítica cuya explotación puede llevarse a cabo de forma remota y sin necesidad de autenticarse en el sistema. Un atacante podría llegar a comprometer totalmente al Oracle Identity Manager.

Technical articles, content and resources for IT Professionals working in Microsoft technologies

Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Apple has patched the KRACK vulnerability in iOS and elsewhere in its product line, closing a key re-installation vulnerability in the WPA2 protocol implemented used by its software.

WordPress versions prior to 4.8.3 are affected by a vulnerability. A remote attacker could exploit this vulnerability to obtain sensitive information.US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress…

This is the far side of ice, the view of the matrix I've never seen before...

Security firm Sophos uncovered a zero day exploit that targets a 24-year-old data exchange protocol, and it can be used to silently attack machines with very little means of detection.

Nueva actualización para WordPress, la 4.8.3 considerada de seguridad que soluciona un problema grave de seguridad sobre la función $wpdb->prepare() que a pesar de no ser vulnerable por si misma podría llegar a inyectar código SQL a través de peticiones inseguras…

En este post voy a enseñaros a configurar dnscrypt-proxy ( https://dnscrypt.org/ ) y utilizarlo junto con bind en nuestra Raspberry. La e...

The monumental stable release of HAProxy 1.8 is coming! The HAProxy 1.8 release candidate 1 (RC1) has been published by the R&D team here at HAProxy Technologies, and in this blog post we are going to take you through some of the release highlights, new features…

Cisco has released updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.US-CERT encourages users and administrators to review the following Cisco…

How to bypass 11 antivirus with 2 bytes (e.g.: capcom.sys)

¿Necesitas encontrar tu celular? Descubre cómo rastrear un celular robado, apagado o sin app instalada con métodos efectivos y seguros

Microsoft DDE Exploit Unless you’ve been living under a rock for the past few weeks, you’ll most certainly know about the Microsoft DDE exploit and how it can be abused to weaponise a W…

These challenges will help you understand applicative vulnerabilities.

En los últimos días se ha comenzado a ver un nuevo ransomware denominado Kristina . Lo que es interesante con esta infección particular es q...

Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec