Cisco SD-WAN vManage Software Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy
Cisco
Cisco Security Advisory: Cisco SD-WAN vManage Software Vulnerabilities
Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system.
For more information about these…
Cloudflare is reducing the number of IPv4 addresses it uses
Cloudflare is making infrastructure changes to simplify customer configuration, and reduce the number of IPv4 addresses that could potentially interact with your origin on Cloudflare’s behalf.
If your security model relies on allowing a list of trusted Cloudflare IPs from cloudflare.com/ips (or via API) on your origin, please make the following changes to your allow list by May 7, 2021. This change is safe to make today.
Remove:
104.16.0.0/12
Add:
104.16.0.0/13
104.24.0.0/14
This change delists the 104.28.0.0/14 prefix, which is no longer in use by Cloudflare infrastructure.
Cloudflare
IP Ranges | Cloudflare
This page is intended to be the definitive source of Cloudflare’s current IP ranges.
Linux kernel incorrect computation of branch displacements in BPF JIT compiler can be abused to execute arbitrary code in Kernel mode
https://www.openwall.com/lists/oss-security/2021/04/08/1
Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
https://us-cert.cisa.gov/ncas/alerts/aa21-008a
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
HAProxy Forwards Over 2 Million HTTP Requests per Second on a Single Arm-based AWS Graviton2 Instance - HAProxy Technologies
https://www.haproxy.com/blog/haproxy-forwards-over-2-million-http-requests-per-second-on-a-single-aws-arm-instance/
HAProxy Technologies
HAProxy Exceeds 2 Million RPS on a Single Arm Instance
First ever software load balancer exceeds 2 million RPS on a single Arm instance! We're near an era where you get the world’s fastest load balancer for free.
GitHub - brad-lin/FreePSXBoot: Exploit allowing to load arbitrary code on the PSX using only a memory card (no game needed)
https://github.com/brad-lin/FreePSXBoot
GitHub
GitHub - brad-lin/FreePSXBoot: Exploit to allow loading arbitrary code on the PSX using only a memory card (no game needed)
Exploit to allow loading arbitrary code on the PSX using only a memory card (no game needed) - brad-lin/FreePSXBoot
Malware in the AppGallery - the official app store from the Huawei Android device manufacturer
https://news.drweb.com/show/?lng=en&i=14182&c=9
Dr.Web
Malware found on the AppGallery app store for the first time
Doctor Web’s virus analysts have uncovered the first malware on AppGallery―the official app store from the Huawei Android device manufacturer. They turned out to be dangerous Android.Joker trojans that function primarily to subscribe users to premium mobile…
SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE
https://ssd-disclosure.com/ssd-advisory-qnap-pre-auth-cgi_find_parameter-rce/
SSD Secure Disclosure
SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE - SSD Secure Disclosure
TL;DR Find out how a memory corruption vulnerability can lead to a pre-auth remote code execution on QNAP QTS’s Surveillance Station plugin. Vulnerability Summary QNAP NAS with “Surveillance Station Local Display function can perform monitoring and playback…
Name:Wreck
Forescout Research Labs and JSOF discover nine new vulnerabilities affecting four popular TCP/IP stacks used in millions of IoT, OT and IT devices:
https://www.forescout.com/research-labs/namewreck/
Forescout
NAME:WRECK - Forescout
NAME:WRECK: Vedere Labs and JSOF discover nine new vulnerabilities affecting four popular TCP/IP stacks used in millions of IoT, OT and IT devices. 9 DNS-related vulnerabilities; 4 TCP/IP stacks; 100M+ estimated devices affected. NAME:WRECK…
New Chrome release fixes a number of High-severity vulnerabilities
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html?m=1
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 89.0.4389.128 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list ...
Released: April 2021 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617
https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/
TECHCOMMUNITY.MICROSOFT.COM
Released: April 2021 Exchange Server Security Updates | Microsoft Community Hub
We are releasing a set of security updates for Exchange Server 2013, 2016 and 2019.
Why Brave Disables FLoC | Brave Browser
https://brave.com/why-brave-disables-floc/
Brave
Why Brave Disables FLoC | Brave
Brave opposes FLoC, a recent Google proposal that would have your browser share your browsing behavior and interests by default with every site and advertiser with which you interact.
Adobe critical vulnerabilities
Security Updates:
- Photoshop: https://helpx.adobe.com/security/products/photoshop/apsb21-28.html
- Bridge: https://helpx.adobe.com/security/products/bridge/apsb21-23.html
- Digital Editions: https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html
Adobe
Adobe Security Bulletin
Security updates available for Adobe Photoshop | APSB21-28
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Copying files/directories between PowerShell sessions
https://sys-adm.in/programming/powershell-menu/955-kopirovanie-fajlov-katalogov-mezhdu-powershell-sessiyami.html
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
GitLab Critical Security Release
RCE
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/
GitLab
GitLab Critical Security Release: 13.10.3, 13.9.6, and 13.8.8
Learn more about GitLab Critical Security Release: 13.10.3, 13.9.6, and 13.8.8 for GitLab Community Edition (CE) and Enterprise Edition (EE).
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
Census-Labs
CENSUS | Cybersecurity Engineering
In this article we will have a look at how a simple phishing attack through an Android messaging application could result in the direct leakage of data found in unprotected device storage (/sdcard). Then we will show how the two aforementioned WhatsApp vulnerabilities…