SSHing to my Raspberry Pi 400 from a browser, with Cloudflare Tunnel and Auditable Terminal
https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
https://blog.cloudflare.com/ssh-raspberry-pi-400-cloudflare-tunnel-auditable-terminal/
The Cloudflare Blog
SSHing to my Raspberry Pi 400 from a browser, with Cloudflare Tunnel and Auditable Terminal
This is how I set up a Pi 400 on my home network, used Cloudflare Tunnel to connect it to the Cloudflare network, used Auditable Terminal to connect to the Pi 400 via Cloudflare and the tunnel using nothing more than a browser.
The NGINX Handbook
https://www.freecodecamp.org/news/the-nginx-handbook/amp/
https://www.freecodecamp.org/news/the-nginx-handbook/amp/
freeCodeCamp.org
The NGINX Handbook – Learn NGINX for Beginners
A young Russian developer named Igor Sysoev was frustrated by older web servers' inability to handle more than 10 thousand concurrent requests. This is a problem referred to as the C10k problem. As an answer to this, he started working on a new web s...
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html?m=1
https://blog.talosintelligence.com/2021/04/vuln-spotlight-linux-kernel.html?m=1
Cisco Talos Blog
Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel
Lilith >_> and Claudio Bozzato of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel.
The Linux Kernel is the free and open-source core of Unix-like…
Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel.
The Linux Kernel is the free and open-source core of Unix-like…
Chrome 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_26.html
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 90.0.4430.93 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list...
APT trends report Q1 2021
https://securelist.com/apt-trends-report-q1-2021/101967/
https://securelist.com/apt-trends-report-q1-2021/101967/
Securelist
APT trends report Q1 2021
This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in…
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
SharePoint в опасносте..
https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html
SharePoint в опасносте..
https://www.trendmicro.com/en_us/research/21/d/hello-ransomware-uses-updated-china-chopper-web-shell-sharepoint-vulnerability.html
Trend Micro
Hello Ransomware Uses Updated China Chopper Web Shell, SharePoint Vulnerability
We discuss the technical features of a Hello ransomware attack, including its exploitation of CVE-2019-0604 and the use of a modified version of the China Chopper web shell.
WordPress XXE injection vulnerability could allow attackers to remotely steal host files
https://portswigger.net/daily-swig/wordpress-xxe-injection-vulnerability-could-allow-attackers-to-remotely-steal-host-files
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability
https://portswigger.net/daily-swig/wordpress-xxe-injection-vulnerability-could-allow-attackers-to-remotely-steal-host-files
https://blog.sonarsource.com/wordpress-xxe-security-vulnerability
The Daily Swig | Cybersecurity news and views
WordPress XXE injection vulnerability could allow attackers to remotely steal host files
Researchers provide technical details of bug that was fixed in latest security release
Стартап Mighty разработал облачный браузер: он обещает работать быстрее Chrome и тратить всего 500 МБ оперативной памяти
https://vc.ru/services/239805-startap-mighty-razrabotal-oblachnyy-brauzer-on-obeshchaet-rabotat-bystree-chrome-i-tratit-vsego-500-mb-operativnoy-pamyati
https://vc.ru/services/239805-startap-mighty-razrabotal-oblachnyy-brauzer-on-obeshchaet-rabotat-bystree-chrome-i-tratit-vsego-500-mb-operativnoy-pamyati
vc.ru
Стартап Mighty разработал облачный браузер: он обещает работать быстрее Chrome и тратить всего 500 МБ оперативной памяти — Сервисы…
Браузер стримится с облака, а не работает локально на компьютере. Это ускоряет работу при десятках вкладок, избавляет от шума вентилятора и экономит около двух часов заряда батареи, заявляют создатели. Стоимость Mighty — $30 в месяц.
DigitalOcean says customer billing data accessed in data breach
DigitalOcean разослала клиентам по электронной почте предупреждение об утечке данных, связанных с платежными данными клиентов.
Напомню, что это уже второй случай в данной компании за последние годы:
https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/
DigitalOcean разослала клиентам по электронной почте предупреждение об утечке данных, связанных с платежными данными клиентов.
Напомню, что это уже второй случай в данной компании за последние годы:
https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/
TechCrunch
DigitalOcean says customer billing data accessed in data breach | TechCrunch
The data breach happened between April 9-22.
[Announce] Samba 4.14.4, 4.13.8 and 4.12.15 Security Releases Available
https://www.mail-archive.com/samba-announce@lists.samba.org/msg00548.html
https://www.mail-archive.com/samba-announce@lists.samba.org/msg00548.html
Alibaba Cloud OSS бакет, как локальный каталог (при помощи ossfs)
Ранее писал как синхронизировать бэкапы в OSS, в том случае использовался MinIO, в рамках данной статьи базово рассказывается о том, как можно использовать клиент ossfs, создать OSS бакет, создать пользователя и предоставить этому пользователю доступ в бакет при помощи пары access/secret ключей и собственно клиента ossfs.
https://news.1rj.ru/str/sysadm_in_up/613
Ранее писал как синхронизировать бэкапы в OSS, в том случае использовался MinIO, в рамках данной статьи базово рассказывается о том, как можно использовать клиент ossfs, создать OSS бакет, создать пользователя и предоставить этому пользователю доступ в бакет при помощи пары access/secret ключей и собственно клиента ossfs.
https://news.1rj.ru/str/sysadm_in_up/613
Telegram
Sys-Admin Up
Alibaba Cloud OSS бакет, как локальный каталог (при помощи ossfs)
Ранее писал как синхронизировать бэкапы в OSS, в том случае использовался MinIO, в рамках данной статьи базово рассказывается о том, как можно использовать клиент ossfs, создать OSS бакет…
Ранее писал как синхронизировать бэкапы в OSS, в том случае использовался MinIO, в рамках данной статьи базово рассказывается о том, как можно использовать клиент ossfs, создать OSS бакет…
CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating systems (RTOS) and supporting libraries
List affected products is very long and has products from Amazon, Microsoft, Google and more:
https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04
List affected products is very long and has products from Amazon, Microsoft, Google and more:
https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04
Silverfort Researchers Discover KDC Spoofing Vulnerability in F5 Big-IP [CVE-2021-23008]
https://www.silverfort.com/blog/silverfort-researchers-discover-kdc-spoofing-vulnerability-in-f5-big-ip-cve-2021-23008/
https://www.silverfort.com/blog/silverfort-researchers-discover-kdc-spoofing-vulnerability-in-f5-big-ip-cve-2021-23008/
Silverfort
Discovering KDC Spoofing Vulnerability in F5 Big-IP - Silverfort
F5 Big-IP Application Delivery Services is a solution that delivers applications in a secure and scalable manner. One of its core components is Access Policy Manager (APM), which manages and enforces policies to ensure access is properly authenticated and…
RotaJakiro: A long live secret backdoor with 0 VT detection
https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/
https://blog.netlab.360.com/stealth_rotajakiro_backdoor_en/
360 Netlab Blog - Network Security Research Lab at 360
RotaJakiro: A long live secret backdoor with 0 VT detection
Overview
On March 25, 2021, 360 NETLAB's BotMon system flagged a suspiciousELF file (MD5=64f6cfe44ba08b0babdd3904233c4857) with 0 VT detection, the sample communicates with 4 domains on TCP 443 (HTTPS), but the traffic is not of TLS/SSL. A close look at…
On March 25, 2021, 360 NETLAB's BotMon system flagged a suspiciousELF file (MD5=64f6cfe44ba08b0babdd3904233c4857) with 0 VT detection, the sample communicates with 4 domains on TCP 443 (HTTPS), but the traffic is not of TLS/SSL. A close look at…
https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html
Не только интересное чтиво, но и апдейт по zero-click баге в блютусной подсистеме линуксов, котора позволяет выполнять код с привелегиями ядра просто находясь рядом с уязвимой машиной.
P.S. Спасибо за ссылку (https://news.1rj.ru/str/sysadm_in/166594)
Не только интересное чтиво, но и апдейт по zero-click баге в блютусной подсистеме линуксов, котора позволяет выполнять код с привелегиями ядра просто находясь рядом с уязвимой машиной.
P.S. Спасибо за ссылку (https://news.1rj.ru/str/sysadm_in/166594)
security-research
BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
GitHub
GitHub - bregman-arie/devops-exercises: Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform…
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions - bre...
Defenseless: UVA Engineering Computer Scientists Discover Vulnerability Affecting Computers Globally | University of Virginia School of Engineering and Applied Science
https://engineering.virginia.edu/news/2021/04/defenseless-uva-engineering-computer-scientists-discover-vulnerability-affecting
https://engineering.virginia.edu/news/2021/04/defenseless-uva-engineering-computer-scientists-discover-vulnerability-affecting
engineering.virginia.edu
Defenseless: UVA Engineering Computer Scientists Discover Vulnerability Affecting Computers Globally | University of Virginia School…
Editor's Note, May 5, 2021: This story has been updated.
Multiple Vulnerabilities Resolved in Pulse Connect Secure
https://kb.pulsesecure.net/pkb_mobile#article/l:en_US/SA44784/s
https://kb.pulsesecure.net/pkb_mobile#article/l:en_US/SA44784/s
New Variant of Buer Loader Written in Rust | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust
https://www.proofpoint.com/us/blog/threat-insight/new-variant-buer-loader-written-rust
Proofpoint
RustyBuer: New Malware Loader Distributed Via Emails | Proofpoint US
Proofpoint researchers identified a new variant of the Buer malware loader distributed via emails masquerading as shipping notices. Learn more about RustyBuer.