⚠️Firefox 0-day. Affects recent versions including ESR. Code execution vulnerability. (Severity: 🔸high) Further information: https://www.wordfence.com/blog/2016/11/emergency-bulletin-firefox-0-day-wild/
#alert #severityhigh #vulnerability #browser #firefox
⚠️ GNU tar extract pathname bypass CVE-2016-6321: enables file and directory overwrite attacks against the user
or system by using a crafted tar archive. In the worst-case scenario this vulnerability can lead to a full
system compromise (remote code execution as root). (severity: 🔷 low) Further Info: http://mcaf.ee/p46bzw
* The GNU tar maintainer didn't consider this to be an issue. As a result, mitigation in upstream GNU tar appears unlikely.
#severitylow #linux
Are you affected by this Linux Kernel vulnerability? (This helps us create relevant content for this channel!)
📬 Letterbox dropping is a thing! Wouldn't this be an excellent day to warn your users? 👍🏼 Australian police reported cases of malware infected USB sticks being dropped in letterboxes. Further Info: http://yt.gl/lbdrop
#socialengineering #reminder #letterboxdropping
Feel free to forward this to the person in charge of compliance 🚨
⚠️ Microsoft Exchange Remote Vulnerability. Patches available! (severity: 🔸high) Further Information: http://yt.gl/16108
👾 Forward this message to your Exchange admins - they'll thank you later!
#alert #vulnerability #severityhigh #microsoft #exchange #rce
(Thanks so much to Rel for reporting these, write your mail address into that form next time so we can discuss!)
❗️ FossHub downloads have been compromised. You should delete any installers from there. Further information: http://news.softpedia.com/news/hacker-compromises-fosshub-to-distribute-mbr-hijacking-malware-506932.shtml
#compromise #fosshub
Thanks to Rel (as usual) for reporting this through https://infected.io/telegram-submission
⚠️ httpoxy - a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. (Severity: 🔸high) Further information: https://httpoxy.org/
#alert #vulnerability #severityhigh #httpproxy #cgi #web
Thanks Rel for reporting through https://infected.io/telegram-submission
⚠️ Microsoft Windows Printer/Print server 🖨 wateringhole vuln! Fix is available. (Severity: 🔸high) Further information: http://blog.vectranetworks.com/blog/microsoft-windows-printer-wateringhole-attack
#alert #vulnerability #severityhigh #microsoft #windows #printserver
Thanks to Rel who keeps reporting this good stuff via our submission form at https://infected.io/telegram-submission
PS. Forward this to your fellow windows sysadmin friends ✌️🏼
⚠️ Critical Adobe Flash vulnerability. Remote code execution possible, exploit kits can already abuse this according to Adobe. Adobe has just released the Adobe security bulletin. Update is NOT out yet and estimated for 16 June. Advisory APSA16-03 & CVE-2016-4171. CVSSv3 8.2. (severity: 🔸high) Further Information: http://yt.gl/apsa1603
#alert #vulnerability #severityhigh #adobe #flash
Came across a new vulnerability? Just read about one? Submit it to https://infected.io/telegram-submission please.
⚠️ ImageMagick and GraphicsMagick strike AGAIN. Code execution through manipulated filenames. CVE-2016-5118 has been fixed already. CVSSv2: 6.2. (severity: 🔸high) Further Information: http://yt.gl/imgmgck
#alert #severityhigh #vulnerability #php #imagemagick #graphicsmagick
If you want, submit the next alert you come across at https://infected.io/telegram-submission - we'll then let the other readers know!
⚠️ Cisco ASA (Software V 9+) is vulnerable to DOS when using IPsec VPN with certain parameters. CVSS 6.3. (severity: 🔸high) Further information: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn
#alert #vulnerability #severityhigh #cisco #asa #vpn #idsearch
Forward to your sysadmin friends and colleagues 😬
⚠️ ImageMagick contains a serious Remote Code Execution Exploit! Please make sure to check CVE-2016-3714. Yes, this means that uploading a picture could lead to malicious code being executed! (severity: 🔸high) (I'm out of office, so no URL today guys, sorry!)
#alert #vulnerability #severityhigh #imagemagick #php
⚠️ Java 7 and Java 8 vulnerability opens your computer to attackers. Remote code execution. (severity: 🔸high) Please see http://yt.gl/java78v for further Information.
#alert #vulnerability #severityhigh #oracle #java #java7 #java8
⚠️ nss-utils contains a buffer overflow vulnerability. Rated CVSS 6.8. 💾 Updates are being released as we release these news. (severity: 🔸high) Further information: http://yt.gl/nssutilsheap
#alert #vulnerability #severityhigh #nssutils #linux
Thanks to the anonymous user for reporting it via https://infected.io/telegram-submission - please also use this form if you have further information.
Your colleagues who don't have Telegram can subscribe to our ✉️ E-Mail alerts: https://infected.io/e-mail-it-security-alerts
⚠️ MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition : CVE-2016-6663 / OCVE-2016-5616
The vulnerability can allow a local system user with access to the affected
database in the context of a low-privileged account (CREATE/INSERT/SELECT grants)
to escalate their privileges and execute arbitrary code as the database system
user (typically 'mysql').
Successful exploitation would allow an attacker to gain access to all of the
databases stored on the affected database server.
(severity: 🔸 High ) Further Info: http://mcaf.ee/3fgpwd
#severityhigh #linux #MySQL #MariaDB #PerconaDB #alert #patchthis #2016 #warning #privilegeescalation #wedsday
⚠️ Flash critical vulnerability (Update now!) CVE-2016-7855: use-after-free vulnerability that could lead to code execution (severity: 🔸high) Further Info: http://mcaf.ee/jmx65k
#alert #vulnerability #severityhigh #linux #OSX #Windows #Flash #Remote #exploitednow
Please subscribe (and let your sysadmins subscribe) to our email alerts: https://infected.io/e-mail-it-security-alerts - just alerts, no spam.
⚠️ Linux kernel local privilege escalation vulnerability fix CVE-2016-5195: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (severity: 🔸high) Further Info: http://mcaf.ee/xoyfqr
#alert #vulnerability #severityhigh #linux #kernel #privilegeescalation #exploitednow
Please subscribe (and let your sysadmins subscribe) to our email alerts: https://infected.io/e-mail-it-security-alerts - just alerts, no spam.
⚠️ BIND remote DDOS Vuln. Patches available! (severity: 🔷 medium)
A previously high severity denial-of-service (DoS) vulnerability patched last month
in the popular DNS software BIND has been exploited in the wild to crash systems.
If you haven't, apply the patch!
Further Information: http://mcaf.ee/45b28j
✉️ We recommend forwarding this to your DNS team.
#alert #vulnerability #severitymedium #linux #bind #ddos
⚠️ MySQL - Remote exec, multiple conditions needed - CVE-2016-6662?: The vulnerability affects MySQL servers in all version branches (5.7, 5.6, and 5.5) including the latest versions, and can allow attackers to (remotely) inject malicious settings into MySQL configuration files (my.cnf) leading to critical consequences. (severity: 🔹medium) Further Info: http://yt.gl/mysqle5
#vulnerability #severitymedium #linux #mysql
⚠️ IE9/IE10/IE10 - Microsoft Patches CVE-2016-3351 Zero-Day, Exploited By AdGholas and GooNky Malvertising Groups. (severity: 🔸high) Further Information: https://technet.microsoft.com/en-us/library/security/ms16-104.aspx
#alert #vulnerability #severityhigh #microsoft #internetexplorer #ie
⚠️ Firefox with multiple critical vulnerabilities - updates released. Possibly remote code execution. (Severity: 🔸 high) Further information: https://www.mozilla.org/en-US/security/advisories/
#alert #vulnerability #severityhigh #firefox #browser
⚠️ Cisco IOS and IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability 🤔 Workarounds exist. (Severity: 🔹medium) Further Information: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp
#alert #vulnerability #severitymedium #cisco #ios #bgp #router
📲 Forward this to your fellow network admins! 😜
⚠️ GoToMyPC got hacked and passwords compromised. Reset your passwords asap! Further information: http://status.gotomypc.com/incidents/s2k8h1xhzn4k
#alert #breach #gotomypc
Thanks to Rel for reporting through https://infected.io/telegram-submission - please forward this alert to your sysadmin buddies!
⚠️❓ Some time ago I reported that teamviewer accounts are being accessed. More and more users now report this throughout various platforms. ✉️ I suggest not using the permanent access features for now and making users aware that they should always close teamviewer when not using it. No breach has been confirmed by teamviewer yet.
Further information: http://arstechnica.com/security/2016/06/teamviewer-users-are-being-hacked-in-bulk-and-we-still-dont-know-how/
#alert #breach #teamviewer #unconfirmed
Thanks to WALK3R for sending it in as an alert. I wasn't sure if it's time for an alert yet, but you should be warned.
⚠️ Magento has a vulnerability allowing attackers to run php code via the SOAP and REST api 💣😱 CVSSv3 of 9.8! (Severity: 🔸high) more information: https://magento.com/security/patches/magento-206-security-update
#alert #severityhigh #vulnerability #magento
Remember you can report new vulnerabilities at https://infected.io/telegram-submission just like Jonas did with this one!
Know of anyone using magento? Better forward him this alert!
❓unconfirmed: you should keep an eye on teamviewer. There may have been an account compromise. Thread is at http://teamviewerforums.com/index.php?topic=3483.0 and if you search reddit and the Internet there is a high number of threads in the last month. Thanks to reader rel who reported to https://infected.io/telegram-submission
⏰ BadLock - a new vulnerability in samba/windows(?) will be released tomorrow! (severity: 🔸high) Please check the official vulnerability homepage at http://badlock.org/ for pre-information.
#alert #vulnerability #severityhigh #badlock #samba #windows
⚠️ Adobe Flash Player update released fixing a critical vulnerability which could allow the attacker to take control of the system. (severity: 🔸high) Further Information: Adobe Security Bulletin - http://yt.gl/adsecb116
#alert #vulnerability #severityhigh #adobe #adobeflash #flash
⚠️ Mac OS X apps... "Transmission" contained a keylogger and popular apps (such as VLC, Coda, Sequel Pro, iTerm etc) are vulnerable to a remote code execution via MITM attack thanks to the third-party updating framework they are using. (severity: 🔸high) Further Information: http://yt.gl/macapps1
#vulnerability #severityhigh #macosx #apps #transmission #coda #iterm #vlc
Thanks to Rel for reporting these via https://infected.io/telegram-submission - remember that you can now tell your colleagues to subscribe to ✉️ E-Mail alerts: https://infected.io/e-mail-it-security-alerts - no spam, 100% alerts.