12318
This channel posts IT security related topics and especially alerts. Submissions over at @itsectalk welcome!
⚠️ OpenSSL "DROWN" Vulnerability (affecting SSLv2) released. (severity: 🔸high) Further Information: http://yt.gl/drownattack
#vulnerability #severityhigh #openssl
⏰ Release of OpenSSL patch 1.0.2g and 1.0.1s fixing several security defects with maximum severity is announced. (severity: 🔸high) Further Information: http://yt.gl/openssl16
#vulnerability #severityhigh #openssl
Thanks to reader patschi for the submission through https://infected.io/telegram-submission
⚠️ (Local/Physical access required) CVE-2016-2384: arbitrary code execution due to a double-free in the usb-midi linux kernel driver (severity: 🔹medium) Further information: http://yt.gl/usblinmid
#vulnerability #severitymedium #linux
Thanks to Andrey Konovalov @andreyknvl for the submission through https://infected.io/telegram-submission
🔕😭 If you got a Mvpower DVR... throw it in the trashcan right now! Usually this wouldn't get an announcement here - but this is just hilarious. Further Information: http://yt.gl/wum0y
#mvpower #dvr #rootshell
Thanks for your submission, anonymous reporter! (via https://infected.io/telegram-submission)
⚠️ All UBNT devices (except EdgeRouter) have the same key/cert for HTTPS (severity: 🔹medium) Further Information: https://www.shodan.io/report/MXTZWxf0
#severitymedium #ubiquiti #ubnt
Thanks to reddit user /u/mikermol for submitting this through https://infected.io/telegram-submission
⚠️ New critical security patch for Adobe Flash has been released. (severity: 🔸high) Further Information: Adobe Security Bulletin APSB16-04 -> http://yt.gl/rtz5t
#alert #vulnerability #update #severityhigh #adobe #adobeflash
⚠️ WordPress 4.4.2 has been released, containing 2 security fixes. (Further information at https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/) (severity: 🔸high) #wordpress #severityhigh #update
Читать полностью…
⚠️ Under certain circumstances fox.com might serve malware. Please inspect your DNS caches and follow the discussion at DNS-OARC: http://yt.gl/xcaup
Читать полностью…
Welcome to IT Security Alerts. We aim to be a medium traffic channel, meaning that you shouldn't get too many notifications. Please submit news at https://infected.io/telegram-submission
Читать полностью…
⚠️ Tricky spam – real message forward with passworded mail attachment. You probably want to warn your users of this new type of virus mails. Further Information: http://yt.gl/pwvirus
#virus #spam #mail
Also check our our new E-Mail alerting service (for colleagues which don't have Telegram!)
https://infected.io/e-mail-it-security-alerts
⚠️ PHP Crypto Trojan infects more and more servers. CTB-Locker crypts your webservers files. Watch out and update ✔️ your PHP applications/server software. Details are at http://yt.gl/cbtphp
#hacked #severityhigh #php #webserver #cbt #trojan
We also have a RSS feed at https://infected.io/feed
⚠️ Linux Mint ISOs from the 20th February 2016 were hacked and contain a backdoor. If you've downloaded ISOs on that date, please verify if you're affected or not. (severity: 🔸high) Further Information: http://yt.gl/mintha
#alert #hacked #severityhigh #linux #mint
⚠️ CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow vulnerability - potentially all linux OS affected. (severity: 🔸high) Further Information: http://yt.gl/20157547
#alert #vulnerability #severityhigh #linux #glibc
Thanks to the anonymous user reporting it via https://infected.io/telegram-submission
⚠️ Setting the date to 1 January 1970 will brick iPhone, iPad or iPod touch. **When connected to public Wi-Fi, iPhone calibrates its time settings with an NTP server.** Attackers can send malicious NTP requests to adjust every iPhone's time settings to January 1, 1970, hence brick every iPhone connected to the same network. Worldwide Apple Store are being made aware that disconnecting the battery and reconnecting fixes the issue. It should be common knowledge to all stores worldwide by tomorrow. (severity: 🔹medium) Further Information: http://yt.gl/bpoei
#alert #vulnerability #severitymedium #apple #iphone #ipad
Submitted through https://infected.io/telegram-submission
🔕 We're now tagging our messages so you can do active/passive alerting based on our channel. You can find more information about the tags on https://infected.io/it-security-alerts-telegram-channel
Help us grow and spread the word to your sysadmin/itsec friends - they'll for sure appreciate it!
#infectedio
⚠️ Chrome vulnerabilities allow for DOS attack. Multiple unspecified vulnerabilities in Google Chrome before 48.0.2564.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. (Further Info at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1620) (severity: 🔸high) - This vulnerability was reported through https://infected.io/telegram-submission (Thanks for your submission!)
Читать полностью…
⚠️ New OpenSSL Security Advisory: https://mta.openssl.org/pipermail/openssl-announce/2016-January/000061.html (severity: 🔸high)
Читать полностью…