From fuzzing Apache httpd server to CVE-2017-7668 and a $1500 bounty. https://animal0day.blogspot.mx/2017/07/from-fuzzing-apache-httpd-server-to-cve.html
Using a TTY Model 43 as a console on Linux
-
Connected via serial interface to a modern machine running Debian Wheezy. Filmed at the Media Archeology Lab in Boulder, CO with an extremely shitty camera. You might just be able to read what it says if you watch it at 720p
-
https://www.youtube.com/watch?v=-Ul-f3hPJQM
-
Connected via serial interface to a modern machine running Debian Wheezy. Filmed at the Media Archeology Lab in Boulder, CO with an extremely shitty camera. You might just be able to read what it says if you watch it at 720p
-
https://www.youtube.com/watch?v=-Ul-f3hPJQM
YouTube
Using a TTY Model 43 as a console on Linux
Connected via serial interface to a modern machine running Debian Wheezy. Filmed at the Media Archeology Lab in Boulder, CO with an extremely shitty camera. You might just be able to read what it says if you watch it at 720p
ELEVACIÓN DE PRIVILEGIOS EN WINDOWS A TRAVÉS DE ACTIVE DIRECTORY Y LDAP AUTHENTICATION
http://estefani.mx/2017/elevacion-de-privilegios-en-windows-a-traves-de-active-directory-y-ldap-authentication.html
http://estefani.mx/2017/elevacion-de-privilegios-en-windows-a-traves-de-active-directory-y-ldap-authentication.html
estefani.mx
Elevación de Privilegios en Windows a través de Active Directory y LDAP authentication – Estefani Olvera
Bienvenidos al futuro: Robot de seguridad se suicida
https://www.fayerwayer.com/2017/07/bienvenidos-al-futuro-robot-de-seguridad-comete-suicidio/
https://www.fayerwayer.com/2017/07/bienvenidos-al-futuro-robot-de-seguridad-comete-suicidio/
Medidas de seguridad extraordinarias en vuelos hacia los Estados Unidos de América
La Dirección General de Aeronáutica Civil de la SCT fue informada por el Departamento de Seguridad Interior (Department of Homeland Security - DHS) de los Estados Unidos de América de que, a partir de mañana, 19 de julio de 2017, para los vuelos directos hacia ese país, las líneas aéreas aplicarán medidas extraordinarias de seguridad, que tienen que ver con la revisión de aparatos electrónicos portátiles más grandes que un teléfono celular o smartphone.
https://www.gob.mx/sct/prensa/medidas-de-seguridad-extraordinarias-en-vuelos-hacia-los-estados-unidos-de-america
La Dirección General de Aeronáutica Civil de la SCT fue informada por el Departamento de Seguridad Interior (Department of Homeland Security - DHS) de los Estados Unidos de América de que, a partir de mañana, 19 de julio de 2017, para los vuelos directos hacia ese país, las líneas aéreas aplicarán medidas extraordinarias de seguridad, que tienen que ver con la revisión de aparatos electrónicos portátiles más grandes que un teléfono celular o smartphone.
https://www.gob.mx/sct/prensa/medidas-de-seguridad-extraordinarias-en-vuelos-hacia-los-estados-unidos-de-america
gob.mx
Medidas de seguridad extraordinarias en vuelos hacia los Estados Unidos de América
With the growing number of cyber attacks and breaches, a significant number of companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded.
http://thehackernews.com/2017/07/tor-bug-bounty-program.html?utm_source=tpx.mx
http://thehackernews.com/2017/07/tor-bug-bounty-program.html?utm_source=tpx.mx
The Hacker News
Tor Launches Bug Bounty Program — Get Paid for Hacking!
The Tor Project today announced the launch a bug bounty program with rewards of up to $4,000 for finding vulnerabilities in the Tor Browser.
Warning: Do not download the malicious Rodeo browser, which is pitching itself as a modified Tor Browser https://www.hackread.com/fake-tor-browser-rodeo-scamming-users/
HackRead
Beware - "Fake Tor Browser Rodeo" Scamming Unsuspecting Users
A fake browser called Rodeo that imitates the Tor browser has been discovered luring users to create their accounts on the website which is essentially
Desde el martes pasado se empezó a viralizar este tipo de mensajes por Whatsapp, honeypots para atraer a personas sin mucho conociminto técnico, avisar a sus contactos que no abran ningún tipo de esta publicidad.
!No te lo puedes perder! Entradas en: https://www.eventbrite.com/e/tunatech-2017-tickets-35881620894?aff=ehomecard
El grupo de Hackers VandaTheGod, comprometio los servidores web de puebla.gob.mx, "defaceando" la mayoria de los subdominios.
[ tpx Scan #g0bHacked ]
[ tpx Scan #g0bHacked ]
Advanced ATM Penetration Testing Methods
https://gbhackers.com/advanced-atm-penetration-testing-methods/
https://gbhackers.com/advanced-atm-penetration-testing-methods/
Pentesting de web services con WS-Attacker.
http://www.hackplayers.com/2017/07/pentesting-de-web-services-con-ws-attacker.html
http://www.hackplayers.com/2017/07/pentesting-de-web-services-con-ws-attacker.html
Oracle Critical Patch Update Advisory - July 2017
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes....
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes....
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html