Response to Qlocker Ransomware Attacks: Take Actions to Secure QNAP NAS
https://www.qnap.com/en/news/2021/response-to-qlocker-ransomware-attacks-take-actions-to-secure-qnap-nas
https://www.qnap.com/en/news/2021/response-to-qlocker-ransomware-attacks-take-actions-to-secure-qnap-nas
Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
https://www.trendmicro.com/en_us/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html
https://www.trendmicro.com/en_us/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html
Trend Micro
Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
We found a botnet malware campaign targeting Linux systems, abusing the Tor network for proxies, and exploiting cloud infrastructure management tools for intrusion.
Detecting Secrets to Reduce Attack Surface
В настоящее время нет (или мало) публично доступных инструментов с открытым исходным кодом для обнаружения секретов в образах контейнеров. Авторы рассказывают про инструмент с открытым исходным кодом SecretScanner который предназначен для обнаружения секретов, которые хранятся в образах непреднамеренно или по ошибке дизайна образа
Примеры секретов:
- пароли пользователей
- автоматически сгенерированные пароли
- пароли от БД
- SSH ключи
- API ключи
- авторизационные ключи
- токены
- SSL сертификаты
https://medium.com/deepfence-cloud-native-security/detecting-secrets-to-reduce-attack-surface-3405ee6329b5
В настоящее время нет (или мало) публично доступных инструментов с открытым исходным кодом для обнаружения секретов в образах контейнеров. Авторы рассказывают про инструмент с открытым исходным кодом SecretScanner который предназначен для обнаружения секретов, которые хранятся в образах непреднамеренно или по ошибке дизайна образа
Примеры секретов:
- пароли пользователей
- автоматически сгенерированные пароли
- пароли от БД
- SSH ключи
- API ключи
- авторизационные ключи
- токены
- SSL сертификаты
https://medium.com/deepfence-cloud-native-security/detecting-secrets-to-reduce-attack-surface-3405ee6329b5
GitHub
GitHub - deepfence/SecretScanner: :unlock: Find secrets and passwords in container images and file systems :unlock:
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock: - GitHub - deepfence/SecretScanner: :unlock: Find secrets and passwords in container images and f...
About the security content of iOS 14.5 and iPadOS 14.5 - Apple Support
Довольно много патчей от Apple устраняющих достаточное количество уязвимостей
https://support.apple.com/en-us/HT212317
Довольно много патчей от Apple устраняющих достаточное количество уязвимостей
https://support.apple.com/en-us/HT212317
Apple Support
About the security content of iOS 14.5 and iPadOS 14.5
This document describes the security content of iOS 14.5 and iPadOS 14.5.
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - SentinelLabs
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/
SentinelOne
Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol - SentinelLabs
A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there's no patch in sight.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Linux Security Module Usage
https://www.kernel.org/doc/html/v4.15/admin-guide/LSM/index.html
…
KubeArmor
https://github.com/accuknox/KubeArmor#getting-started
https://www.kernel.org/doc/html/v4.15/admin-guide/LSM/index.html
…
KubeArmor
https://github.com/accuknox/KubeArmor#getting-started
GitHub
GitHub - kubearmor/KubeArmor: Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive…
Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor). - kubearmor/KubeArmor
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure
https://discuss.hashicorp.com/t/hcsec-2021-12-codecov-security-event-and-hashicorp-gpg-key-exposure/23512
https://discuss.hashicorp.com/t/hcsec-2021-12-codecov-security-event-and-hashicorp-gpg-key-exposure/23512
HashiCorp Discuss
HCSEC-2021-12 - Codecov Security Event and HashiCorp GPG Key Exposure
Bulletin ID: HCSEC-2021-12 Publication Date: April 22, 2021 Summary HashiCorp was impacted by a security incident with a third party (Codecov) that led to potential disclosure of sensitive information. As a result, the GPG key used for release signing…
Управление рисками цепочек поставок от NIST/CISA
Агентство по кибербезопасности и инфраструктурной безопасности (CISA) и Национальный институт стандартов и технологий (NIST) предоставляют информацию об атаках на цепочку поставок программного обеспечения, связанных с ними рисках и о том, как организации могут эти риски могут смягчить
https://csrc.nist.gov/projects/cyber-supply-chain-risk-management
Агентство по кибербезопасности и инфраструктурной безопасности (CISA) и Национальный институт стандартов и технологий (NIST) предоставляют информацию об атаках на цепочку поставок программного обеспечения, связанных с ними рисках и о том, как организации могут эти риски могут смягчить
https://csrc.nist.gov/projects/cyber-supply-chain-risk-management
CSRC | NIST
Cybersecurity Supply Chain Risk Management | CSRC | CSRC
Cybersecurity Supply Chain Risk Management (C-SCRM) involves identifying, assessing, and mitigating the risks associated with the distributed and interconnected nature of Information Communications Technology and Operational Technology (ICT/OT) product and…
Fedora Linux 34 is officially here! - Fedora Magazine
https://fedoramagazine.org/announcing-fedora-34/
What's new in Fedora:
https://fedoramagazine.org/whats-new-fedora-34-workstation/
https://fedoramagazine.org/announcing-fedora-34/
What's new in Fedora:
https://fedoramagazine.org/whats-new-fedora-34-workstation/
Fedora Magazine
Fedora Linux 34 is officially here! - Fedora Magazine
Fedora Linux 34 is released and ready for you to install or upgrade today.
SSHing to my Raspberry Pi 400 from a browser, with Cloudflare Tunnel and Auditable Terminal
https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
The Cloudflare Blog
SSHing to my Raspberry Pi 400 from a browser, with Cloudflare Tunnel and Auditable Terminal
This is how I set up a Pi 400 on my home network, used Cloudflare Tunnel to connect it to the Cloudflare network, used Auditable Terminal to connect to the Pi 400 via Cloudflare and the tunnel using nothing more than a browser.
The NGINX Handbook
https://www.freecodecamp.org/news/the-nginx-handbook/amp/
https://www.freecodecamp.org/news/the-nginx-handbook/amp/
freeCodeCamp.org
The NGINX Handbook – Learn NGINX for Beginners
A young Russian developer named Igor Sysoev was frustrated by older web servers' inability to handle more than 10 thousand concurrent requests. This is a problem referred to as the C10k problem. As an answer to this, he started working on a new web s...
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html?m=1
https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html?m=1
Cisco Talos Blog
Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
Lilith >_> and Claudio Bozzato of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel.
The Linux Kernel is the free and open-source core of Unix-like…
Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel.
The Linux Kernel is the free and open-source core of Unix-like…
Chrome 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list...
APT trends report Q1 2021
https://securelist.com/apt-trends-report-q1-2021/101967/
https://securelist.com/apt-trends-report-q1-2021/101967/
Securelist
APT trends report Q1 2021
This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in…
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
SharePoint в опасносте..
https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html
SharePoint в опасносте..
https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html
Trend Micro
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
We discuss the technical features of a Hello ransomware attack, including its exploitation of CVE-2019-0604 and the use of a modified version of the China Chopper web shell.
WordPress XXE injection vulnerability could allow attackers to remotely steal host files
https://portswigger.net/daily-swig/wordpress-xxe-injection-vulnerability-could-allow-attackers-to-remotely-steal-host-files
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability
https://portswigger.net/daily-swig/wordpress-xxe-injection-vulnerability-could-allow-attackers-to-remotely-steal-host-files
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability
The Daily Swig | Cybersecurity news and views
WordPress XXE injection vulnerability could allow attackers to remotely steal host files
Researchers provide technical details of bug that was fixed in latest security release
Стартап Mighty разработал облачный браузер: он обещает работать быстрее Chrome и тратить всего 500 МБ оперативной памяти
https://vc.ru/services/239805-startap-mighty-razrabotal-oblachnyy-brauzer-on-obeshchaet-rabotat-bystree-chrome-i-tratit-vsego-500-mb-operativnoy-pamyati
https://vc.ru/services/239805-startap-mighty-razrabotal-oblachnyy-brauzer-on-obeshchaet-rabotat-bystree-chrome-i-tratit-vsego-500-mb-operativnoy-pamyati
vc.ru
Стартап Mighty разработал облачный браузер: он обещает работать быстрее Chrome и тратить всего 500 МБ оперативной памяти — Сервисы…
Браузер стримится с облака, а не работает локально на компьютере. Это ускоряет работу при десятках вкладок, избавляет от шума вентилятора и экономит около двух часов заряда батареи, заявляют создатели. Стоимость Mighty — $30 в месяц.
DigitalOcean says customer billing data accessed in data breach
DigitalOcean разослала клиентам по электронной почте предупреждение об утечке данных, связанных с платежными данными клиентов.
Напомню, что это уже второй случай в данной компании за последние годы:
https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/
DigitalOcean разослала клиентам по электронной почте предупреждение об утечке данных, связанных с платежными данными клиентов.
Напомню, что это уже второй случай в данной компании за последние годы:
https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/
TechCrunch
DigitalOcean says customer billing data accessed in data breach | TechCrunch
The data breach happened between April 9-22.
[Announce] Samba 4.14.4, 4.13.8 and 4.12.15 Security Releases Available
https://www.mail-archive.com/samba-announce@lists.samba.org/msg00548.html
https://www.mail-archive.com/samba-announce@lists.samba.org/msg00548.html