For those asking: Yes, this Channel is indeed still active. But please note that we will most likely only notify on REALLY important vulnerabilities. Feel free to join our group over at @itsectalk as well.
⚠️ vSphere Data Protection (VDP) has multiple security vulns patched, including an authentication bypass!
* VDP arbitrary file upload vulnerability
* VDP authentication bypass vulnerability
* VDP path traversal vulnerability
If you use VDP, please look into patching it.
(Severity: 🔸 high)
More Info: http://yt.gl/vmware18
#alert #severityhigh #vdp #vmware #vsphere
This alert is brought to you by Cyborg REL from @itsectalk 😁 Feel free to forward this message to your vmware admins 👌🏼
⚠️ WD "My Cloud *" contains a hardcoded backdoor. It lets anyone log in as user mydlinkBRionyg with the password abc12345cba. It is fixed in firmware 2.30.174.
More info: http://yt.gl/wdmcbd
#alert #backdoor #wd #westerndigital #mycloud
Feel free to discuss this in @itsectalk and forward the message to your friends/family using WD my cloud.
⚠️🚨 Intel CPU design flaw! Will be fixed by Linux, macOS, Windows kernel redesigns. There will be a performance hit which will vary. Affected models are all "modern intel processors produced in the past decade". Please note that there are not many details out yet. More Info: http://yt.gl/intelexp
We advise reading vendor patch notices and preparing scheduled restarts of your systems.
#alert #vulnerability #intel #hardware #windows #macos #linux
🏅 Thanks to the security guys at https://dnstrails.com and the anonymous reporter.
📢 Forward this message to your Sysadmins
🎤 Join our chat at @itsectalk
❗️Uber suffered a massive hack in 2016 and disclosed it just now. I highly recommend you to read the announcement yourself: http://yt.gl/qcje2
#disclosure #dataleak #uber #databreach #hacked
Please note: if you are using automated alerts, please ensure you monitor for the alert hashtag. Any item not tagged with alert should not trigger any alert on your side. More information: https://infected.io/it-security-alerts-telegram-channel
Discuss here: @itsectalk ✌🏼️
⚠️‼️ WPA2 (which most personal and corporate Wi-Fi use) has several protocol-level flaws. Be advised that no details are known yet; security researchers will release them later today. (No severity rating from our side until we have more information)
More info: http://yt.gl/krackattack (this will be released later today)
http://yt.gl/krcm7 (Arstechnica with all current info)
#alert #prenotification #exploit #zeroday #wifi #wireless #wpa2
Please feel free to discuss this in our @itsectalk group & forward 📬 to your net- and sysadmins!
⚠️ 2.2 Million infected CCleaner installations! Check if your clients have CCleaner installed. (Severity: 🔸 high) Further Information:
on Forbes http://yt.gl/s2x0c and on talos http://yt.gl/0h0hc
#severityhigh #malware #alert #ccleaner
Thanks to the submission by WALK3R to https://infected.io/alert-submission 🙌🏼
Feel free to forward this to your internal IT admins... 😇
⚠️ Apache Struts remote code execution vulnerability! CVSSv3 Base Score 8.1 (Severity: 🔸 high) Further Information: http://yt.gl/8rnd1
#severityhigh #vulnerability #alert #apache #struts
Thanks to the anonymous report via https://infected.io/alert-submission
⚠️ Intel AMT Privilege Escalation vulnerability. It's affecting almost all FW versions. Rating is "Critical" with a CVSS of 9.8 for one vulnerability. (Severity: 🔶high) Further Info: http://yt.gl/ybyg1
#severityhigh #vulnerability #alert #intel #amt
Forward this to your internal IT. Often Intel AMT is featured by most computers - even though you might have never heard of it.
⚠️ Confluence Wiki has a critical vulnerability allowing unauthorized users to access your pages. Affected: Versions above 6.0.0 - fixed in 6.0.7 and 6.1.0 (Severity: 🔸 high) Further Information: http://yt.gl/4rvuv
#alert #severityhigh #vulnerability #atlassian #confluence #wiki
📬 Forward this to your sysadmin friends and help them protect their data! Join our discussion group at /channel/itsectalk @itsectalk ✉️
⚠️ Imagemagick DoS/Possible RCE vulnerabilities. Updates released on debian/suse. (Severity: 🔸high) Further Information: https://lists.debian.org/debian-security-announce/2017/msg00052.html
#alert #vulnerability #severityhigh #imagemagick #imageprocessing
Join our discussion group at /channel/itsectalk @itsectalk and feel free to forward this message to your fellow sysadmins! ✉️ Thanks to Univaniwo for reporting this.
⚠️ Important Oracle Java updates fixing CVSS 9.6+ vulnerabilities out! Update your clients ASAP! (Severity: 🔸high) Further Information: http://yt.gl/javasejan
#alert #severityhigh #vulnerability #java #oracle
Don't forget to join our new telegram group at /channel/itsectalk @itsectalk if you want to discuss this vulnerability.
🔕 Hi everyone! First of all I want to thank you for casting your vote - you are a really helpful audience 🙌🏼 Second: we are about to say goodbye to 2016. IT Security has been important as never before and it's a sector which will keep growing for quite some time. Our job? Attackers are advancing and so are we. Real time alerts about vulnerabilities have never been so important as now.
We hope that our contributions helped keep your systems and company secure. We also want to take the chance to wish you a great year 2k17 🎉.
Over n' out, your @itsecguy 👀
PS. The group will be announced separately within the next days.
Are you affected by this PHP related vulnerability? (This helps us create relevant content for this channel!)
⚠️ Signal, Skype, Slack, Rot, Keeper and all other Electron apps contain a remote code execution vulnerability. Electron released a fix.
* Affected Desktop apps: Signal, Skype, Slack, Rot, Keeper (and many others - see https://yt.gl/electronapps)
* Electron Apps with default protocol handler (like myapp:// ) are vulnerable
* The developers should generate an update asap
Advice: Do not click on any untrusted links. Do not allow webpages to open electron desktop apps.
If you develop (!) Electron Apps, please update to the newest versions: 1.8.2-beta.4, 1.7.11 and 1.6.16 and send an update to your customers.
Skype (newest version) and slack (3.0.3) are already fixed.
"Full" list of all Electron Apps: https://yt.gl/electronapps
macOS and Linux are not vulnerable to this issue.
CVE-2018-1000006
(Severity: 🔸 high ) More Info: https://yt.gl/p0xta
#alert #severityhigh #electron #windows
Thanks to @JonasMuc and @CyborgRel from the @itsectalk admin team for reporting and gathering information on this vulnerability. Please forward the info to the team responsible for updating desktop apps!
⚠ Critical CSRF Security Vulnerability in phpMyAdmin Database Tool Patched:
"By deceiving a user to click on a crafted URL," the advisory states,
"it is possible to perform harmful database operations such as deleting
records, dropping/truncating tables, etc."
The attack reportedly works even if the user was authenticated in cPanel and phpMyAdmin was closed after use
(Severity: 🔹medium ) More Info: http://yt.gl/3u94c
#alert #severitymedium #PHP #MYSQL
⚠️🔄 Meltdown and Spectre affect Intel, AMD and ARM processors. Every processor since 1995 (except Intel Itanium and Intel Atom before 2013) is affected. Especially dangerous on hypervisors.
— Further Information —
Researcher Info: http://yt.gl/meltdown
Intel: http://yt.gl/ih062 | AMD: (no statement)
Microsoft: http://yt.gl/9c1qm | Red Hat: http://yt.gl/7ektf | SUSE: http://yt.gl/6u80m | Ubuntu: http://yt.gl/iy49w
#alert #updated #vulnerability #intel #amd #arm #hardware #windows #macos #linux
📢 Forward this message to your friends & colleagues
🎤 Join our chat at @itsectalk to discuss this issue
⚠️ TLS - It may be possible to obtain the secret key to a TLS connection via ROBOT attack. Affected users and system administrators are encouraged to disable TLS RSA ciphers if possible. (severity: 🔹medium) Further Info: http://www.kb.cert.org/vuls/id/144389
#vulnerability #severitymedium #linux
#SSL #TLS
⚠ macOS High Sierra allows root login without password! Sounds like a bad joke - unfortunately it's true. Workaround provided - Apple is working on resolving the problem. (Severity: 🔸high) More Info: http://yt.gl/macosroot
#alert #severityhigh #macos #macoshighsierra #vulnerability
This was reported by Chris from http://dnstrails.com/ - If you want to discuss this issue, join us on @itsectalk - Feel free to forward to your macOS friends ;)
⚠️ Update WPA2: The details have been released and can be found at http://yt.gl/krackattack - basically every setup is vulnerable by now. Vendors will be able to patch the flaw and it will be backwards-compatible. Priority should be updating clients! Vendors were notified 14 July and some have patches available. Please ensure to read the disclosure above.
#alert #severityhigh #wpa2 #wifi
Linux (CentOS6/7, Red Hat 6/7 - many builds affected) PIE Stack corruption leads to Local Privilege Escalation. (No severity rating from our side) Further information: https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt
#alert #exploit #linux #centos #redhat
Thanks for the anonymous submission to https://infected.io/alert-submission 👍🏻 keep reporting and help sysadmins around the globe 🌏
⚠️ Python - malicious packets found. Ensure that you have the correct libraries and no affected ones installed on your systems! (No severity rating from our side). Further information: http://yt.gl/4uy72
#vulnerability #alert #python #pip
Please forward this to your sysadmins. Feel free to join our IT Security Telegram Group as well: /channel/itsectalk 🏅
🔕 This channel is not dead. Please remember to report vulnerabilities via https://infected.io/alert-submission and discuss them in @itsectalk so we know they are relevant for people!
Over n' out.
⚠️ℹ️ Hipchat (hosted) is also affected. Mail addresses and some other information has been accessed by an attacker. *INFO* Right now the download pages seem to be down and there are several outages in the Atlassian ecosystem. Check out http://yt.gl/n7mug and the status page at http://status.atlassian.com/
#alert #severityhigh #databreach #hacked #atlassian #hipchat #confluence #wiki #chat
📬 Forward this to your sysadmin friends and help them protect their data! Join our discussion group at /channel/itsectalk @itsectalk ✉️
⚠️ WordPress fixes 6 possible XSS vulnerabilities and 39 bugs. Please update your installation. (Severity: 🔸high) Further information: https://codex.wordpress.org/Version_4.7.3
#alert #vulnerability #severityhigh #wordpress
Useful to you? It might be useful for your sysadmin friends as well - feel free to forward this message!
⚠️ Cloudflare Memory Leak vulnerability. It's fixed and they're sending out mails to affected customers. Further information: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
#alert #vulnerability #memoryleak #provider #cloudflare
Discuss this vulnerability in our new telegram group at /channel/itsectalk @itsectalk
🔕 Thanks for voting. We have created a group which you can join and discuss with other ITSEC interested people. Feel free to ask questions and post interesting resources.
➡️ Join here /channel/itsectalk // @itsectalk ⬅️
📲 Please forward this to your sysadmin friends and other people who could profit from the group.
❓ Please excuse this message on our own behalf. We have been asked several times if there is a good chat group about ITSEC on telegram - and there isn't any. Would you be interested in an actual group where you can talk to other ITSEC interested people?
😶 Okay. I would join, but most likely not participate. – 232
👍👍👍👍👍👍👍 48%
😀 That would be great, I would join and participate! – 213
👍👍👍👍👍👍 44%
😒 No. I don't think that's a good idea. Would not join. – 38
👍 8%
👥 483 people voted so far.
⚠️🚨 Extremely critical RCE in PHPMailer! If you got ANY PHP application -> check it ASAP! The POC exploit code is in the wild - we expect large scale attacks trying to abuse this flaw shortly!
(Severity: 🔸high) Further Information: http://yt.gl/phpmailer
#alert #severityhigh #vulnerability #zeroday #php #phpmailer
Thanks for your anonymous reports through https://infected.io/alert-submission - help us and report vulnerabilities which affect the mass!
📲 Forward this to your admin colleagues & friends!