Adobe, снова - Security update available  for Adobe Acrobat and Reader

https://helpx.adobe.com/security/products/acrobat/apsb21-51.html

Windows Kernel Elevation of Privilege Vulnerability

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31979

Mitigate Windows Print Spooler Service Vulnerability

CISA Emergency Warns:
https://cyber.dhs.gov/ed/21-04/

Multiple vulnerabilities in VMware ESXi

https://www.vmware.com/security/advisories/VMSA-2021-0014.html

An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors

Эмпирическая оценка систем обнаружения конечных точек и реагирования на современные постоянные угрозы векторов атак

https://www.mdpi.com/2624-800X/1/3/21

SigNoz/signoz: SigNoz helps developers monitor their applications & troubleshoot problems, an open-source alternative to DataDog, NewRelic, etc. 🔥 🖥
https://github.com/SigNoz/signoz

Etherpad 1.8.13 - Code Execution Vulnerabilities
https://blog.sonarsource.com/etherpad-code-execution-vulnerabilities

Urgent Security Notice: Critical Risk to Unpatched End-of-Life SRA & SMA 8.x Remote Access Devices | SonicWall

https://www.sonicwall.com/support/product-notification/urgent-security-notice-critical-risk-to-unpatched-end-of-life-sra-sma-8-x-remote-access-devices/210713105333210/

Joker Is Still No Laughing Matter

Joker trojans are malicious Android applications

Рост вариаций Joker, под что маскируется, цепочка атак:
https://blog.zimperium.com/joker-is-still-no-laughing-matter/

How we protect users from 0-day attacks
https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/amp/

⁠
Отчет о прошедшем Open SysConf’21

Открытая идея, как продолжение идеи Open SysConf, которая направлена на шаринг знаний, awareness в области ИТ всех заинтересованных людей, инициировало создание данного документа, в котором формально выражены ответы на полученный фидбек, анализ прошедшего мероприятия, организационные аспекты.

• https://docs.google.com/document/d/1uIRJFHdDoBORmM4DpwejoHKc7EToyY_nftQsWe-NMO4/edit?usp=sharing

Доп. ссылки:
• Оставить фидбек можно здесь - https://docs.google.com/forms/d/e/1FAIpQLScixOHh5pCNJseuRT4a04B1703vC8ux5Btrba2rismJ-lUwJA/viewform?usp=sf_link
• Стрим был здесь - https://news.1rj.ru/str/sysadm_in_channel/3199
• Сайт - https://sysconf.io

Всем Peace ✌️
⁠

Getting Started with Podman on Fedora

https://fedoramagazine.org/getting-started-with-podman-in-fedora/

NaaS никогда не сталкивался, но оказывается есть и такое (Network as a Service Enables)

Со слов IDC довольно востребовано:

https://idcdocserv.com/US47128521

Critical WooCommerce SQL Injection Vulnerability Details

https://patchstack.com/woocommerce-sql-injection-vulnerability/

Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20Release%209.16.1%20and%20Cisco%20Firepower%20Threat%20Defense%20Software%20Release%207.0.0%20IPsec%20Denial%20of%20Service%20Vulnerability&vs_k=1

Remote code execution in cdnjs of Cloudflare

https://blog.ryotak.me/post/cdnjs-remote-code-execution-en/

Bypassing Windows Hello Without Masks or Plastic Surgery
https://www.cyberark.com/resources/threat-research-blog/bypassing-windows-hello-without-masks-or-plastic-surgery

Vulnerability Spotlight: Multiple vulnerabilities in D-LINK DIR-3040

https://blog.talosintelligence.com/2021/07/vuln-spotlight-d-link.html

P.S. Thx for link @Thatskriptkid ✌️

Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files

https://kb.cert.org/vuls/id/131152

P.S. что в их Linux'e будет твориться, если в своей же системе разобраться не могут..?