Privilege escalation in FortiClient VPN
Publication date: 14/12/2017
Importance: 4 - High
Affected resources:
FortiClient Windows 5.6.0
FortiClient Windows 5.4.3 and earlier.
https://www.certsi.es/alerta-temprana/avisos-seguridad/escalada-privilegios-forticlient-vpn
CERTSI
A vulnerability has been detected in the FortiClient VPN client for Windows that would allow an unauthenticated remote attacker to gain privileged access to the system when the "VPN before logon" feature is enabled.
Multiple vulnerabilities in Palo Alto PAN-OS
Publication date: 14/12/2017
Importance: 4 - High
Affected resources:
Palo Alto PAN-OS 6.1.X
Palo Alto PAN-OS 7.0.X
Palo Alto PAN-OS 7.1.X
Palo Alto PAN-OS 8.0.0 through 8.0.5
https://www.certsi.es/alerta-temprana/avisos-seguridad/multiples-vulnerabilidades-palo-alto-pan-os
CERTSI
Two vulnerabilities have been identified in Palo Alto products that allow an unauthenticated remote user to execute arbitrary code and an authenticated user to inject arbitrary commands.
Advisory ID: VMSA-2017-0020
Severity: Moderate
Synopsis: #VMware AirWatch Console updates address Broken Access Control
vulnerability.
Issue date: 2017-12-12
Updated on: 2017-12-12 (Initial Advisory)
CVE number: CVE-2017-4942
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4942
https://support.air-watch.com/articles/115015676547
https://www.air-watch.com/en/about/contact-us
https://support.air-watch.com/articles/115015625647
cve.mitre.org
Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. Assigned by CVE Numbering Authorities (CNAs) from around the world, use of CVE Entries ensures confidence…
The Agencia Tributaria is not issuing refunds of 384,56€ to users #phishing
https://www.osi.es/es/actualidad/avisos/2017/12/la-agencia-tributaria-no-esta-haciendo-reembolsos-de-38456eu-los-usuarios
www.osi.es
The official Twitter account of the Agencia Tributaria's Technical Support has confirmed the existence of a fraudulent campaign that impersonates the Agencia Tributaria itself. The malicious e-mail informs the taxpayer that they are owed…
Transport Layer Security (TLS) Vulnerability
https://www.us-cert.gov/ncas/current-activity/2017/12/13/Transport-Layer-Security-TLS-Vulnerability
www.us-cert.gov
CERT Coordination Center (CERT/CC) has released information on a Transport Layer Security (TLS) vulnerability. Exploitation of this vulnerability could allow an attacker to access sensitive information.
Huawei issues security alert for vulnerability in HG532 devices
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20171130-01-hg532-en
Check out the Tweet from @tmmalanalyst: https://twitter.com/tmmalanalyst/status/941203570015158273?s=09
Twitter
TMMalAnalyst
Dec-14,2017(JST). Japanese MalSpam included HTML Link -> ZIP -> js -> Infects #Ursnif #Malware. Steal information "GET_MAIL", "LOAD_DLL", "LOAD_PLUGIN", "GET_SYSINFO". Leads js file VT: https://t.co/dRw1ntN2I6
Telegram Messenger for Android: Directory Traversal in Downloading Documents
https://bugs.chromium.org/p/project-zero/issues/detail?id=1470
DetectionLab: Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices:
https://github.com/clong/DetectionLab
https://medium.com/@clong/introducing-detection-lab-61db34bed6ae
GitHub
GitHub - clong/DetectionLab: Automate the creation of a lab environment complete with security tooling and logging best practices
Forwarded from Una al día
Multiple vulnerabilities in Zivif IP cameras
http://unaaldia.hispasec.com/2017/12/varias-vulnerabilidades-en-camaras-ip.html
Hispasec
unaaldia computer security news bulletin, provided by Hispasec
Forwarded from Security News for Everyone
Firewall Bursting: A New Approach to Better Branch Security https://vulners.com/thn/THN:D36C43890695B01188FB061262CC843E
Vulners
One of the most common network security solutions is the branch firewall. Branch firewall…
Invoke-PSImage
Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a oneliner for executing either from a file or from the web (when the -Web flag is passed).
https://github.com/peewpw/Invoke-PSImage
GitHub
GitHub - peewpw/Invoke-PSImage: Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute
BASIC NETWORKING POWERSHELL CMDLETS CHEATSHEET TO REPLACE NETSH, IPCONFIG, NSLOOKUP AND MORE
https://www.thomasmaurer.ch/2016/02/basic-networking-powershell-cmdlets-cheatsheet-to-replace-netsh-ipconfig-nslookup-and-more/
Thomas Maurer
Around 4 years ago I wrote a blog post about how to Replace netsh with Windows PowerShell which includes basic powershell networking cmdlets. After working with Microsoft Azure, Nano Server and Containers, PowerShell together with networking becomes more…
Disassemble Powershell CMDLets
https://blogs.msdn.microsoft.com/hewagen/2017/12/14/disassemble-powershell-cmdlets/
Introduction to Malware-blocking DNS Services.
https://blog.cryptoaustralia.org.au/2017/12/19/introduction-malware-blocking-dns/