Интересно, кто и как поддерживает security patching продуктов Adobe в компаниях? Бюллетени, да еще критикал, для продукции Adobe (в данном случае Reader) выходят на столько часто, что трудно представить как это дело поддерживается в компаниях, где более 10+ машин)

Идеи и предложения можно писать в комментах (я же это дело в Windows средах поддерживал через Wsus), а Вы?)

https://helpx.adobe.com/security.html/security/security-bulletin.ug.html

Win32k Elevation of Privilege Vulnerability

CVE-2021-40449

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449

up

https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/

https://bazaar.abuse.ch/browse/tag/CVE-2021-40449/

Android Mobile OS Snooping By Samsung,
Xiaomi, Huawei and Realme Handsets

Report about of how mobile device vendors spying to us*

P S. Some "spying" traffic from Android (like as Xiaomi, Facebook (if possible), built-in Android tracking) preventing by free Sys-Admin BLD service (lab.sys-adm.in)

Report from Virus Total about pf ransomware activity

Automating the deployment of Sysmon for Linux 🐧 and Azure Sentinel in a lab environment 🧪 - Microsoft Tech Community

https://techcommunity.microsoft.com/t5/azure-sentinel/automating-the-deployment-of-sysmon-for-linux-and-azure-sentinel/ba-p/2847054

In a bunch:

SysinternalsEBPF
https://github.com/Sysinternals/SysinternalsEBPF

Sysmon for Linux on GitHub:
https://github.com/Sysinternals/SysmonForLinux

Bunch of Juniper vulnerabilities (50+)

https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES&cat=SIRT_1&actp=&sort=datemodified&dir=descending&max=1000&batch=15&rss=true&itData.offset=0

The ad blocker that injects ads

Browser add-on's can be dangerous:

https://www.imperva.com/blog/the-ad-blocker-that-injects-ads/

Ключи от Королевства или The keys to the kingdom - securing your devices and accounts

Когда то были рекоммендации создавать сложные пароли и пассфразы:

https://support.microsoft.com/en-us/office/the-keys-to-the-kingdom-securing-your-devices-and-accounts-a925f8ad-af7e-40d8-9ce4-60ea1cac2ba4

Рекоммендации по паролям:

https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide

Теперь же прогнозируется беспарольное будущее:

https://www.microsoft.com/security/blog/2021/09/15/the-passwordless-future-is-here-for-your-microsoft-account/

Как бы там ни было - Берегите ключи от своего Королевства, будучи внимательным и предупрежденным 🙂

BlackMatter Ransomware (Alert from CISA)

https://us-cert.cisa.gov/ncas/alerts/aa21-291a

Microsoft Security Advisory CVE-2020-0951: Windows Defender Application Control Security Feature Bypass Vulnerability · Issue #27 · PowerShell/Announcements
https://github.com/PowerShell/Announcements/issues/27

Protecting Prometheus: Insecure configuration exposes secrets

https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/

Когда Прометей отдает метрики всем :)*

Cito (со слов разработчика) может транслировать исходный код в C, C++, C#, Java, JavaScript, Python, Swift, TypeScript, OpenCL C...

https://news.1rj.ru/str/sysadm_in_up/860

P.S. непонятно так ли это на самом деле... нужно смотреть*

Full Disclosure: Defense in depth -- the Microsoft way (part 78): completely outdated, vulnerable open source component(s) shipped with Windows 10&11
https://seclists.org/fulldisclosure/2021/Oct/17

P.S. thx for the link dear subscriber ✌️

Docker and Fedora 35 - Fedora Magazine
https://fedoramagazine.org/docker-and-fedora-35/

Oracle Critical Patch Update Advisory - October 2021

https://www.oracle.com/security-alerts/cpuoct2021.html

Top ten GitLab hacks for all stages of the DevOps Platform

https://about.gitlab.com/blog/2021/10/19/top-10-gitlab-hacks/

The Uptycs Threat Research Team spotted a campaign in which the TeamTNT threat actors deployed a malicious container image on Docker

https://securityaffairs.co/wordpress/123535/cyber-crime/teamtnt-docker-attack.html

CVE-2021-42299: TPM Carte Blanche

https://github.com/google/security-research/blob/master/pocs/bios/tpm-carte-blanche/writeup.md

SmashEx

SmashEx is an attack that exploits re-entrancy vulnerabilities in the exception handling designs of Intel SGX (Software Guard eXtensions) enclave runtimes. It is powerful enough to allow an attacker to read secrets or perform arbitrary code execution inside the victim enclave.

https://jasonyu1996.github.io/SmashEx/

How a simple Linux kernel memory corruption bug can lead to complete system compromise

https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html?m=1

Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques

https://arxiv.org/pdf/2110.10129.pdf