Keylogger Found in HP Notebook Keyboard Driver
https://www.bleepingcomputer.com/news/hardware/keylogger-found-in-hp-notebook-keyboard-driver/
https://www.bleepingcomputer.com/news/hardware/keylogger-found-in-hp-notebook-keyboard-driver/
BleepingComputer
Keylogger Found in HP Notebook Keyboard Driver
HP has released driver updates for hundreds of notebook models to remove debugging code that an attacker could have abused as a keylogger component.
StorageCrypt Ransomware infecting NAS Devices Using SambaCry
https://www.bleepingcomputer.com/news/security/storagecrypt-ransomware-infecting-nas-devices-using-sambacry/
https://www.bleepingcomputer.com/news/security/storagecrypt-ransomware-infecting-nas-devices-using-sambacry/
BleepingComputer
StorageCrypt Ransomware Infecting NAS Devices Using SambaCry
Recently BleepingComputer has received a flurry of support requests for a new ransomware being named StorageCrypt that is targeting NAS devices such as the Western Digital My Cloud. Victims have been reporting that their files have been encrypted and a note…
RDP Hijacking Passwordless para Windows
http://www.flu-project.com/2017/12/rdp-hijacking-passwordless-para-windows.html
http://www.flu-project.com/2017/12/rdp-hijacking-passwordless-para-windows.html
Flu-Project
RDP Hijacking Passwordless para Windows
Flu Project Blog sobre seguridad informatica y hacking etico. Malware, Analisis Forense, Exploits, Firewalls, Anubis, Flunym0us, FluBlockers, LaW.
Forwarded from Una al día
Expuestos datos de 31 millones de usuarios de un teclado virtual
http://unaaldia.hispasec.com/2017/12/expuestos-datos-de-31-millones-de.html
http://unaaldia.hispasec.com/2017/12/expuestos-datos-de-31-millones-de.html
Hispasec
Expuestos datos de 31 millones de usuarios de un teclado virtual
Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec
Forwarded from Una al día
IDEs y herramientas de ingeniería inversa afectados por la vulnerabilidad ParseDroid
http://unaaldia.hispasec.com/2017/12/ides-y-herramientas-de-ingenieria.html
http://unaaldia.hispasec.com/2017/12/ides-y-herramientas-de-ingenieria.html
Hispasec
IDEs y herramientas de ingeniería inversa afectados por la vulnerabilidad ParseDroid
Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec
Vulnerabilidad en Microsoft Malware Protection Engine
Fecha de publicación: 11/12/2017
Importancia: 5 - Crítica
https://www.certsi.es/alerta-temprana/avisos-seguridad/vulnerabilidad-microsoft-malware-protection-engine
Fecha de publicación: 11/12/2017
Importancia: 5 - Crítica
https://www.certsi.es/alerta-temprana/avisos-seguridad/vulnerabilidad-microsoft-malware-protection-engine
CERTSI
Vulnerabilidad en Microsoft Malware Protection Engine
Microsoft ha publicado un parche de seguridad fuera de ciclo para Microsoft Malware Protection Engine.
Las vulnerabilidades en MacOS High Sierra persisten.
http://www.seguridadapple.com/2017/12/las-vulnerabilidades-en-macos-high.html
http://www.seguridadapple.com/2017/12/las-vulnerabilidades-en-macos-high.html
Seguridadapple
Las vulnerabilidades en MacOS High Sierra persisten.
Hace escasos días Apple se vió obligado a lanzar un parche de seguridad para acabar con una vulnerabilidad bastante importante , sin emba...
Apple Releases Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/12/12/Apple-Releases-Security-Updates
https://www.us-cert.gov/ncas/current-activity/2017/12/12/Apple-Releases-Security-Updates
www.us-cert.gov
Apple Releases Security Updates
Apple has released security updates to address vulnerabilities in AirPort Base Station. An attacker could exploit some of these vulnerabilities to take control of an affected system.Users and administrators are encouraged to review the Apple security pages…
Microsoft Releases December 2017 Security Updates
https://www.us-cert.gov/ncas/current-activity/2017/12/12/Microsoft-Releases-December-2017-Security-Updates
https://www.us-cert.gov/ncas/current-activity/2017/12/12/Microsoft-Releases-December-2017-Security-Updates
www.us-cert.gov
Microsoft Releases December 2017 Security Updates
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Filtran 1.400 millones de correos y contraseñas
#contraseñas #fuga_información
http://blog.segu-info.com.ar/2017/12/filtran-1400-millones-de-correos-y.html
#contraseñas #fuga_información
http://blog.segu-info.com.ar/2017/12/filtran-1400-millones-de-correos-y.html
blog.segu-info.com.ar
Filtran 1.400 millones de correos y contraseñas
El mes pasado hablamos de una recopilación de más de 560 millones de correos y contraseñas procedentes de ataques a servicios como Spotify,...
Variation of 19-Year-Old Cryptographic Attack Affects Facebook, PayPal, Others
https://www.bleepingcomputer.com/news/security/variation-of-19-year-old-cryptographic-attack-affects-facebook-paypal-others/
https://www.bleepingcomputer.com/news/security/variation-of-19-year-old-cryptographic-attack-affects-facebook-paypal-others/
BleepingComputer
Variation of 19-Year-Old Cryptographic Attack Affects Facebook, PayPal, Others
Three security researchers have discovered a variation to an old cryptographic attack that can be exploited to obtain the private encryption key necessary to decrypt sensitive HTTPS traffic under certain conditions.
Túneles, Port-Forwarding y Meterpreter: Salta conmigo
http://www.flu-project.com/2017/12/tuneles-port-forwarding-y-meterpreter.html
http://www.flu-project.com/2017/12/tuneles-port-forwarding-y-meterpreter.html
Flu Project
Túneles, Port-Forwarding y Meterpreter: Salta conmigo
Here's How to Enable the Built-In Windows 10 OpenSSH Client
https://www.bleepingcomputer.com/news/microsoft/heres-how-to-enable-the-built-in-windows-10-openssh-client/
https://www.bleepingcomputer.com/news/microsoft/heres-how-to-enable-the-built-in-windows-10-openssh-client/
BleepingComputer
Here's How to Enable the Built-In Windows 10 OpenSSH Client
With each new release of Windows 10, we see more and more useful tools being ported from Linux. First, we had the Windows Subsystem for Linux, which is awesome, and now we have a built-in OpenSSH client and server, which uses version 7.5p1 of OpenSSH.
Las páginas de Phishing están usando páginas con HTTPS para parecer legítimos
http://www.seguridadapple.com/2017/12/los-portales-de-phishing-estan-usando.html
http://www.seguridadapple.com/2017/12/los-portales-de-phishing-estan-usando.html
Seguridadapple
Las páginas de Phishing están usando páginas con HTTPS para parecer legítimos
Actualmente más de la mitad de sitios web usan protocolos de cifrado de Internet para mantener los datos protegidos. Esto se debe a que des...
¿Realmente es tan sencillo manipular un Whatsapp como para que no puedan ser utilizados en procedimientos judiciales?
#Forensic
https://glider.es/whatsapp-razonando-una-duda-razonable/
#Forensic
https://glider.es/whatsapp-razonando-una-duda-razonable/
GLIDER.es
Whatsapp: Razonando una duda razonable.
En este nuevo artículo de GLIDER.es os quiero hablar de algo que últimamente está siendo muy recurrente en medios de comunicación, y no es otra cosa que la posibilidad de manipular una conversación…
3 Simple, Excellent Linux Network Monitors
https://www.linux.com/learn/intro-to-linux/2017/10/3-simple-excellent-linux-network-monitors
https://www.linux.com/learn/intro-to-linux/2017/10/3-simple-excellent-linux-network-monitors
Linux.com | The source for Linux information
3 Simple, Excellent Linux Network Monitors
You can learn an amazing amount of information about your network connections with these three glorious Linux networking commands. iftop tracks network connections by process number, Nethogs quickly reveals what is hogging your bandwidth, and vnstat runs…
#Microsoft #Exchange Server 2016 CU5 and Microsoft Exchange Server 2016 CU5 allow a spoofing vulnerability due to the way Outlook Web Access (OWA) validates web requests, aka "Microsoft Exchange Spoofing Vulnerability".
https://nvd.nist.gov/vuln/detail/CVE-2017-11932
https://nvd.nist.gov/vuln/detail/CVE-2017-11932