Sudoedit allows a local attacker to append arbitrary entries to the list of files to process
https://ubuntu.com/security/CVE-2023-22809
P.S. thx for the link @clevergod ✌️
Open practicum Golang by Rebrain: Observability. Logs, metrics, traces
• Logging libraries and their particulars
• What to monitor an application with, and how
• How to write traces
• How to use contexts
• January 26 (Thursday), 20:00 Moscow time (MSK). Details
• Sergey Paramoshkin - Technical Manager, Yandex.Search
Open BLD DNS Updates: Site platform / Web UI
I finally got to the Sys-Admin Lab website UI. I haven't planned interfaces and colors like HTML body background or link colors for a long time, and today I want to introduce to you:
• ☀️ Light/ 🌑 Dark themed site
• Multi-language site
• Documentation Wiki space
• Fully migrated from scratch from Vue Nuxt2 > Nuxt3 engine
• More speed from the Nitro engine and UI flexibility from the Bulma framework
• "Thanks" section legend - who helped with testing: 💪 and who contributed: ⚡️
Of course, there is still a lot to do, and I don't know how yet, but I am sure that with your help I will be able to go further and develop the project further and more 🙂
• check and see: https://lab.sys-adm.in
/ Decrypted: BianLian Ransomware
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022:
https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware/
1300+ domains are hosting a webpage that impersonates the official AnyDesk website (added to Open BLD)
— https://www.bleepingcomputer.com/news/security/over-1-300-fake-anydesk-sites-push-vidar-info-stealing-malware/
/ Vulnerability Spotlight: Asus router access, information disclosure, denial of service vulnerabilities discovered
https://blog.talosintelligence.com/vulnerability-spotlight-asus-router-access-information-disclosure-denial-of-service-vulnerabilities-discovered/
/ Forti Execute unauthorized code or commands
https://www.fortiguard.com/psirt/FG-IR-22-398
Open practicum Networks by Rebrain: Access control between networks based on ACLs
• January 19 (Thursday) at 20:00 Moscow time (MSK)
• Details
Practicum program:
• Types of access control lists
• Packet filtering criteria
• ACL configuration examples
• Olga Yanovskaya - Ph.D. in Information Technology. Cisco NetAcad Instructor / NetAcad Success Lead / Instructor-Trainer.
/ StrongPity espionage campaign targeting Android users
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/
/ Default setup: A new way to enable GitHub code scanning
https://github.blog/2023-01-09-default-setup-a-new-way-to-enable-github-code-scanning/
/ Can You Trust Your VSCode Extensions?
https://blog.aquasec.com/can-you-trust-your-vscode-extensions
/ A Deep Dive Into poweRAT: a Newly Discovered Stealer/RAT Combo Polluting PyPI
https://blog.phylum.io/a-deep-dive-into-powerat-a-newly-discovered-stealer/rat-combo-polluting-pypi
/ PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources
…automated account creation cases bypassed CAPTCHA images using simple image analysis techniques... creation of more than 130,000 user accounts created on various cloud platform services like Heroku, Togglebox and GitHub..:
https://unit42.paloaltonetworks.com/purpleurchin-steals-cloud-resources/
/ SQL Injection vulnerability (CVE-2022-47523) was discovered in Password Manager Pro, PAM360 and Access Manager Plus
https://www.manageengine.com/privileged-session-management/cve-2022-47523.html
/ Slack GitHub repos had suspicious access
https://slack.com/intl/en-gb/blog/news/slack-security-update
/ Detecting Fake Events in Azure Sign-in Logs
— https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
/ Vulnerabilities in TP-Link routers
TP-Link routers, with their latest firmware available as of January 11, 2023, have two vulnerabilities (DoS, RCE):
https://kb.cert.org/vuls/id/572615
/ Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use git archive, work in untrusted repositories, or use Git GUI on Windows:
https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/
EyeSpy - Spyware Delivered in VPN Installers
https://www.bitdefender.com/blog/labs/eyespy-iranian-spyware-delivered-in-vpn-installers/
/ Linux kernel stack buffer overflow in nftables
https://www.openwall.com/lists/oss-security/2023/01/13/2
/ Microsoft Exchange Server Elevation of Privilege Vulnerability
Released: 8 Nov 2022. Last updated: 15 Dec 2022:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080
/ Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5
/ Norton, Avira, Avast and AVG Antivirus for Windows may be susceptible to a Privilege Escalation vulnerability
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4294
/ Zoom Multiple Vulnerabilities
Path traversal, privilege escalation…
Patches:
— https://explore.zoom.us/en/trust/security/security-bulletin/
/ SRE vs. DevOps vs. Platform Engineering
https://thenewstack.io/sre-vs-devops-vs-platform-engineering/
/ Scanning every package on PyPI found 57 live AWS keys
from organisations like:
- Amazon themselves
- Intel
- Stanford, Portland and Louisiana University
- The Australian Government
- ...
https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/
Invictus-AWS
A Python script that helps automatically enumerate and acquire relevant data from an AWS environment. The tool doesn't require any installation; it can be run as a standalone script with minimal configuration. The goal of Invictus-AWS is to allow incident responders or other security personnel to quickly gain insight into an AWS environment:
— https://github.com/invictus-ir/Invictus-AWS
/ CircleCI security alert: Rotate any secrets stored in CircleCI
https://circleci.com/blog/january-4-2023-security-alert/
/ Get root on macOS 13.0.1 with CVE-2022-46689, the macOS Dirty Cow bug
https://worthdoingbadly.com/macdirtycow/
P.S. thx for the link @clevergod ✌️