Sys-Admin InfoSec pinned « Update: Дата и время Open SysConf. Темы будущих докладов. Всем доброго времени суток. Как было обещано ранее возвращаюсь к Вам с обновлениями по нашей SysConf встрече. Известны дата, время и город оффлайн встречи - 10 июля (суббота) 10:00-19:00 (GMT+6)…»
Vulnerability Spotlight: A deep dive into macOS SMB server
https://blog.talosintelligence.com/2021/06/vuln-spotlight-smb-mac-deep-dive.html?m=1
https://blog.talosintelligence.com/2021/06/vuln-spotlight-smb-mac-deep-dive.html?m=1
Cisco Talos Blog
Vulnerability Spotlight: A deep dive into macOS SMB server
By Aleksandar Nikolich.
Executive summary
Cisco Talos recently discovered multiple vulnerabilities in macOS’s implementation of SMB server. An adversary could exploit these vulnerabilities to carry out a variety of malicious actions, including revealing…
Executive summary
Cisco Talos recently discovered multiple vulnerabilities in macOS’s implementation of SMB server. An adversary could exploit these vulnerabilities to carry out a variety of malicious actions, including revealing…
GitHub - pavel-kirienko/cpu-load-side-channel: Side-channel file transfer between independent VM executed on the same physical host
PoC
https://github.com/pavel-kirienko/cpu-load-side-channel
PoC
https://github.com/pavel-kirienko/cpu-load-side-channel
GitHub
GitHub - pavel-kirienko/cpu-load-side-channel: Side-channel file transfer between independent VMs or processes executed on the…
Side-channel file transfer between independent VMs or processes executed on the same physical host. - pavel-kirienko/cpu-load-side-channel
Kali Linux 2021.2 Release (Kaboxer, Kali-Tweaks, Bleeding-Edge & Privileged Ports) | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2021-2-release/
https://www.kali.org/blog/kali-linux-2021-2-release/
Kali Linux
Kali Linux 2021.2 Release (Kaboxer, Kali-Tweaks, Bleeding-Edge & Privileged Ports) | Kali Linux Blog
Say hello to Kali Linux 2021.2! This release welcomes a mixture of new items as well as enhancements of existing features, and is ready to be downloaded (from our updated page) or upgraded if you have an existing Kali Linux installation.
A quick summary of…
A quick summary of…
Best Practices for MITRE ATT&CK® Mapping
https://us-cert.cisa.gov/sites/default/files/publications/Best%20Practices%20for%20MITRE%20ATTCK%20Mapping.pdf
https://us-cert.cisa.gov/sites/default/files/publications/Best%20Practices%20for%20MITRE%20ATTCK%20Mapping.pdf
Updates to our policies regarding exploits, malware, and vulnerability research | The GitHub Blog
https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/
https://github.blog/2021-06-04-updates-to-our-policies-regarding-exploits-malware-and-vulnerability-research/
The GitHub Blog
Updates to our policies regarding exploits, malware, and vulnerability research
One month ago, we started a discussion with the community about proposed revisions to clarify GitHub’s policies on security research, malware, and exploits with the goal to enable, welcome, and encourage dual-use security research and
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Understand your dependencies
Your software and your users rely not only on the code you write, but also on the code your code depends on, the code that code depends on, and so on. An accurate view of the complete dependency graph is critical to understanding the state of your project. And it’s not just code: you need to know about security vulnerabilities, licenses, recent releases, and more.
Может быть полезным при использовании сторонних пакетов/модулей в своих (или чужих :)) проектах
https://deps.dev/
Your software and your users rely not only on the code you write, but also on the code your code depends on, the code that code depends on, and so on. An accurate view of the complete dependency graph is critical to understanding the state of your project. And it’s not just code: you need to know about security vulnerabilities, licenses, recent releases, and more.
Может быть полезным при использовании сторонних пакетов/модулей в своих (или чужих :)) проектах
https://deps.dev/
Using machine learning to improve the Windows 10 update experience - Microsoft Tech Community
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/using-machine-learning-to-improve-the-windows-10-update/ba-p/877860
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/using-machine-learning-to-improve-the-windows-10-update/ba-p/877860
TECHCOMMUNITY.MICROSOFT.COM
Using machine learning to improve the Windows 10 update experience | Microsoft Community Hub
Learn how we use ML to guide the rollout of feature updates and identify which PCs will have a great experience.
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments
Siloscape - сильно запутанная вредоносная программа, нацеленная на кластеры Kubernetes через контейнеры Windows. Его основная цель - открыть бэкдор в плохо настроенные кластеры Kubernetes для запуска вредоносных контейнеров
PoC
https://unit42.paloaltonetworks.com/siloscape/
Siloscape - сильно запутанная вредоносная программа, нацеленная на кластеры Kubernetes через контейнеры Windows. Его основная цель - открыть бэкдор в плохо настроенные кластеры Kubernetes для запуска вредоносных контейнеров
PoC
https://unit42.paloaltonetworks.com/siloscape/
Unit 42
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments
The main purpose of Siloscape is to open a backdoor into poorly configured Kubernetes clusters in order to run malicious containers.
macOS Monterey introduces powerful features to get more done - Apple
https://www.apple.com/newsroom/2021/06/macos-monterey-introduces-powerful-features-to-get-more-done/
https://www.apple.com/newsroom/2021/06/macos-monterey-introduces-powerful-features-to-get-more-done/
Apple Newsroom
macOS Monterey introduces powerful features to get more done
Apple introduces macOS Monterey, with new ways to connect with friends and family, Shortcuts and tools to get work done, and Continuity features.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Oracle Cloud Free Tier | Oracle
Вот такое вот обещают:
Try Always Free cloud services and get a 30-day trial
Build, test, and deploy applications on Oracle Cloud—for free.
https://www.oracle.com/cloud/free/
Вот такое вот обещают:
Try Always Free cloud services and get a 30-day trial
Build, test, and deploy applications on Oracle Cloud—for free.
https://www.oracle.com/cloud/free/
Oracle
Access Cloud Services for Free
Oracle Cloud Free Tier provides enterprises with Always Free Cloud Services that can be used for an unlimited time.
Fujifilm подверглась атаке шифровальщика
Не стали долго думать и обратились к своим бэкапам с целью восстановления инфраструктуры
Помни дорогой друг - бэкап важно не только иметь, но и периодически его проверять :)
https://www.fujifilm.com/jp/en/news/hq/6642-2
Не стали долго думать и обратились к своим бэкапам с целью восстановления инфраструктуры
Помни дорогой друг - бэкап важно не только иметь, но и периодически его проверять :)
https://www.fujifilm.com/jp/en/news/hq/6642-2
Fujifilm
Updated: Unauthorized access to Fujifilm servers | Fujifilm [Japan]
How Netflix uses eBPF flow logs at scale for network insight | by Netflix Technology Blog | Jun, 2021 | Netflix TechBlog
https://netflixtechblog.com/how-netflix-uses-ebpf-flow-logs-at-scale-for-network-insight-e3ea997dca96
https://netflixtechblog.com/how-netflix-uses-ebpf-flow-logs-at-scale-for-network-insight-e3ea997dca96
Medium
How Netflix uses eBPF flow logs at scale for network insight
By Alok Tiagi, Hariharan Ananthakrishnan, Ivan Porto Carrero and Keerti Lakshminarayan
Automox Experts Weigh In on June 2021 Microsoft Patch Tuesday Release
Порядка ~50 фиксов, в том числе для активно эксплуатируемых уязвимостей
https://blog.automox.com/automox-experts-weigh-in-june-patch-tuesday-2021
Прямая ссылка:
https://msrc.microsoft.com/update-guide
Порядка ~50 фиксов, в том числе для активно эксплуатируемых уязвимостей
https://blog.automox.com/automox-experts-weigh-in-june-patch-tuesday-2021
Прямая ссылка:
https://msrc.microsoft.com/update-guide
PuzzleMaker attacks with Chrome zero-day exploit chain | Securelist
https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Securelist
PuzzleMaker attacks with Chrome zero-day exploit chain
We detected a wave of highly targeted attacks that exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.
SAP Security Patch Day – June 2021
https://wiki.scn.sap.com/wiki/plugins/servlet/mobile?contentId=578125999#content/view/578125999
https://wiki.scn.sap.com/wiki/plugins/servlet/mobile?contentId=578125999#content/view/578125999