sysadm_in_channel | Technologies

Telegram channel sysadm_in_channel - Sys-Admin InfoSec

12335

News of cybersecurity / information security, information technology, data leaks / breaches, cve, hacks, tools, trainings * Multilingual (En, Ru). * Forum - forum.sys-adm.in * Chat - @sysadm_in * Job - @sysadm_in_job * ? - @sysadminkz


Sys-Admin InfoSec

Open workshop Networks by Rebrain: Introduction to MPLS

Program:
• why MPLS is needed
• label distribution protocols
• label-based forwarding

• March 2 (Thursday), 19:00 Moscow time. Details
• Dmitry Radchuk - Team Lead at VKontakte. CCIE x4. More than 12 years of networking experience.

P.S. A recording of the “DevOps by Rebrain” workshop as a gift for registering


Sys-Admin InfoSec

/ VMware ESXi 7.0 Update 3k Release Notes

Critical patch

https://docs.vmware.com/en/VMware-vSphere/7.0/rn/vsphere-esxi-70u3k-release-notes.html#resolvedissues


Sys-Admin InfoSec

/ QR code generator My QR Code leaks users’ login data and addresses

https://www.hackread.com/qr-code-generator-my-qr-code-data-leak/


Sys-Admin InfoSec

/ GoDaddy > GoHacked

Official statement on recent website redirect issues:

https://aboutus.godaddy.net/newsroom/company-news/news-details/2023/Statement-on-recent-website-redirect-issues/default.aspx


Sys-Admin InfoSec

/ Account Takeover Vulnerability in a Popular Package, Affecting 1000+ Organizations


illustria’s research team finds a popular npm package with nearly 4 million weekly downloads, vulnerable to account takeover attack..:

https://blog.illustria.io/illustria-discovers-account-takeover-vulnerability-in-a-popular-package-affecting-1000-8aaaf61ebfc4?gi=10ee34fdeff8


Sys-Admin InfoSec

/ Mirai Variant V3G4 Targets IoT Devices

https://unit42.paloaltonetworks.com/mirai-variant-v3g4/


Sys-Admin InfoSec

/ Hijack Explorer Context Menu for Persistence & Fun

Learn how I hijacked the explorer context menu to execute my beacon at each right click on a file/folder:

https://ristbs.github.io/2023/02/15/hijack-explorer-context-menu-for-persistence-and-fun.html


Sys-Admin InfoSec

/ ClamAV fixed a possible remote code execution vulnerability

https://blog.clamav.net/2023/02/clamav-01038-01052-and-101-patch.html


Sys-Admin InfoSec

/ Citrix Releases Security Updates for Workspace Apps, Virtual Apps and Desktops

Emergency note from CISA:

https://www.cisa.gov/uscert/ncas/current-activity/2023/02/14/citrix-releases-security-updates-workspace-apps-virtual-apps-and


Sys-Admin InfoSec

/ VMware ESXi 8.0b Release Notes

https://docs.vmware.com/en/VMware-vSphere/8.0/rn/vsphere-esxi-80b-release-notes/index.html


Sys-Admin InfoSec

Network Pentesting MindMap

https://github.com/c4s73r/NetworkNightmare


Sys-Admin InfoSec

/ iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day

CVE-2023-23529 - bug in the WebKit browser engine that could be activated when processing maliciously crafted web content, culminating in arbitrary code execution:

— macOS: https://support.apple.com/en-us/HT213633
— iOS: https://support.apple.com/en-us/HT213635
— Safari: https://support.apple.com/en-us/HT213638


Sys-Admin InfoSec

/ Globalping CLI

This CLI tool provides access to a global network of probes without leaving the console. In short: this tool lets you run ping from different regions of the world, for example:

globalping ping lab.sys-adm.in --from "Paris"

The tool is supplied as a Docker image, as pre-built packages, or as a binary you can build yourself with Go. Repo:

https://github.com/jsdelivr/globalping-cli

This project has an API, which you can try at this link: https://api.globalping.io/demo/


Sys-Admin InfoSec

/ High Vulnerability – Dahua – CVE-2022-30564

Redinent researchers discovered an unauthorised device timestamp modification vulnerability in Dahua products.

https://www.redinent.com/blog/dahua-cve-2022-30564/


Sys-Admin InfoSec

Open workshop Networks by Rebrain: Monitoring and managing devices over SNMP

Program:
• Components of the SNMP protocol
• OID and MIB
• Examples of configuration and management over SNMP for automation tasks

• February 16 (Thursday), 20:00 Moscow time. Details
• Olga Yanovskaya - Head of Networks by Rebrain. Ph.D. in IT. Cisco NetAcad Instructor.


Sys-Admin InfoSec

/ CISA Adds Three Known Exploited Vulnerabilities to Catalog

..These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise..:

https://www.cisa.gov/uscert/ncas/current-activity/2023/02/21/cisa-adds-three-known-exploited-vulnerabilities-catalog


Sys-Admin InfoSec

/ VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)

High

https://www.vmware.com/security/advisories/VMSA-2023-0004.html


Sys-Admin InfoSec

/ Trellix Advanced Research Center Discovers a New Privilege Escalation Bug Class on macOS and iOS

https://www.trellix.com/en-us/about/newsroom/stories/research/trellix-advanced-research-center-discovers-a-new-privilege-escalation-bug-class-on-macos-and-ios.html


Sys-Admin InfoSec

/ Dirty bug in HAProxy's headers processing; when properly exploited, this bug allows building an HTTP content smuggling attack

HAProxy Security Update (CVE-2023-25725)

https://www.mail-archive.com/haproxy@formilux.org/msg43229.html


Sys-Admin InfoSec

/ Malware Abuses Microsoft IIS Feature to Establish Backdoor

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/frebniis-malware-iis


Sys-Admin InfoSec

/ Atlassian Data Leak 🤦

Atlassian has confirmed that a breach at a "third-party vendor" caused a recent leak of company data and that their network and customer information..:

https://www.bleepingcomputer.com/news/security/atlassian-says-recent-data-leak-stems-from-third-party-vendor-hack/


Sys-Admin InfoSec

Open workshop DevOps by Rebrain: Ansible 101

• Setting up the environment
• Ad-hoc Ansible magic
• Composing a playbook

• February 21 (Tuesday), 20:00 Moscow time. Details
• Pavel Fiskovich - Engineer since 2009. Dreamer. Father. He/him


Sys-Admin InfoSec

/ Remote code execution flaw patched in Apache Kafka

https://portswigger.net/daily-swig/remote-code-execution-flaw-patched-in-apache-kafka


Sys-Admin InfoSec

/ Android launches yet another way to spy on users with “Privacy Sandbox” beta

https://arstechnica.com/gadgets/2023/02/googles-privacy-sandbox-advertising-system-arrives-on-android-in-beta/


Sys-Admin InfoSec

/ Windows Graphics Component Remote Code Execution Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21823


Sys-Admin InfoSec

/ Crypto Wallet Address Replacement Attack

https://blog.phylum.io/phylum-discovers-revived-crypto-wallet-address-replacement-attack


Sys-Admin InfoSec

/ Fool’s Gold: dissecting a fake gold market pig-butchering scam

Scammers use counterfeit bank website, hijacked legitimate app to defraud and steal identifying information:

https://news.sophos.com/en-us/2023/02/13/fools-gold-dissecting-a-fake-gold-market-pig-butchering-scam/


Sys-Admin InfoSec

/ Reddit was hacked

Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to some internal documents, code, and some internal business systems..:

https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/


Sys-Admin InfoSec

Bash scripting - DNS Tester Tool

DNS Tester Tool tests the response speed of IP addresses from a list, then collects and shows speed statistics in the terminal:

— IP address
— Average response
— Minimal time of response
— Maximum time of response

[en] - https://lab.sys-adm.in/blog/tool-dns-tester
[ru] - https://lab.sys-adm.in/ru/blog/tool-dns-tester


Sys-Admin InfoSec

/ THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise

Full deep dive analyses
