Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Copying files/directories between PowerShell sessions
https://sys-adm.in/programming/powershell-menu/955-kopirovanie-fajlov-katalogov-mezhdu-powershell-sessiyami.html
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
GitLab Critical Security Release
RCE
https://about.gitlab.com/releases/2021/04/14/security-release-gitlab-13-10-3-released/
GitLab
GitLab Critical Security Release: 13.10.3, 13.9.6, and 13.8.8
Learn more about GitLab Critical Security Release: 13.10.3, 13.9.6, and 13.8.8 for GitLab Community Edition (CE) and Enterprise Edition (EE).
Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
Census-Labs
CENSUS | Cybersecurity Engineering
In this article we will have a look at how a simple phishing attack through an Android messaging application could result in the direct leakage of data found in unprotected device storage (/sdcard). Then we will show how the two aforementioned WhatsApp vulnerabilities…
Analysis of remote code execution vulnerabilities in the Chromium V8 JavaScript engine
The article is in Chinese, but translators cope with it*
http://noahblog.360.cn/chromium_v8_remote_code_execution_vulnerability_analysis/
Improve your page experience with AMP and Cloudflare Workers Unbound
https://blog.cloudflare.com/amp-optimizer-on-cloudflare-workers/
The Cloudflare Blog
Improve your page experience with AMP and Cloudflare Workers Unbound
Google’s new page experience measurements are going to be included in their search ranking in May 2021. Learn more about how to improve your page experience with AMP and Cloudflare Workers.
Russian Foreign Intelligence Service Exploiting Five Publicly Known Vulnerabilities to Compromise U.S. and Allied Networks
https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2573391/russian-foreign-intelligence-service-exploiting-five-publicly-known-vulnerabili/
P.S. Thanks for the link to a friend of the channel, @Thatskriptkid ✌️
Targeted phishing against participants in the COVID vaccine supply chains
Transport companies, IT companies, healthcare. The apparent target is data (for example, theft of information about supply chain negotiations, vaccine storage methods, and storage temperature regimes).
The report contains no technical data; it has an analysis of the current situation, a description of the phishers' goals and of the indicators of this campaign, and which industries are under attack...
https://securityintelligence.com/posts/covid-19-vaccine-global-cold-chain-security/
Security Intelligence
An update: The COVID-19 vaccine’s global cold chain continues to be a target
In December 2020, the COVID-19 cold chain was targeted by cyber adversaries. IBM Security X-Force discovered another 50 files tied to spear-phishing emails.
New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)
https://unit42.paloaltonetworks.com/cve-2021-20291/
Unit 42
New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291)
CVE-2021-20291 leads to a denial of service of the container engines CRI-O and Podman when pulling a malicious image from a registry.
Work with GitHub Actions in your terminal with GitHub CLI - The GitHub Blog
https://github.blog/2021-04-15-work-with-github-actions-in-your-terminal-with-github-cli/
The GitHub Blog
Work with GitHub Actions in your terminal with GitHub CLI
As of 1.9.0, GitHub Actions is available in your terminal. Two new top-level commands, `gh run` and `gh workflow`, provide insight into workflow runs.
Allow arbitrary URLs, expect arbitrary code execution
https://positive.security/blog/url-open-rce
P.S. The link is not mine, thanks for it ✌️
positive.security
Allow arbitrary URLs, expect arbitrary code execution | Positive Security
Insecure URL handling leading to 1-click code execution vulnerabilities in Telegram, Nextcloud (CVE-2021-22879), VLC, LibreOffice (CVE-2021-25631), OpenOffice (CVE-2021-30245), Bitcoin/Dogecoin Wallets, Wireshark (CVE-2021-22191) and Mumble (CVE-2021-27229).
Buy a Zyxel USG FLEX series gateway and get a 4G/LTE router as a gift
To get the 4G/LTE router, you of course need to buy a USG FLEX gateway, register it in the Zyxel Nebula network management system, and then send an email saying, well, I bought the hardware, registered it in Nebula, where's my router? 🙂
Details here.
EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1170
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
GitHub - Netflix/consoleme: A Central Control Plane for AWS Permissions and Access
https://github.com/Netflix/consoleme
GitHub
GitHub - Netflix/consoleme: A Central Control Plane for AWS Permissions and Access
A Central Control Plane for AWS Permissions and Access - Netflix/consoleme
How to join a Linux system to an Active Directory domain
https://www.redhat.com/sysadmin/linux-active-directory
Redhat
How to join a Linux system to an Active Directory domain
Microsoft's Active Directory (AD) is the go-to directory service for many organizations. If you and your team are responsible for a mixed Windows and Linux e...
Windows NTFS Denial of Service Vulnerability (update available)
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28312
socta2021_3.pdf
37.9 MB
ORGANISED CRIME THREAT ASSESSMENT IN THE EUROPEAN UNION (Europol report)
DDoS attack trends for 2021 Q1
https://blog.cloudflare.com/ddos-attack-trends-for-2021-q1/
The Cloudflare Blog
DDoS attack trends for 2021 Q1
Today, along with this deep-dive analysis blog, we’re excited to announce the new Radar DDoS Report page, our first fully automated data notebook built on top of Jupyter, Clickhouse, and Workers.
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
https://www.advanced-intel.com/post/adversary-dossier-ryuk-ransomware-anatomy-of-an-attack-in-2021