Avast releases decryptor for AtomSilo and LockFile ransomware
https://decoded.avast.io/threatintel/decryptor-for-atomsilo-and-lockfile-ransomware/
https://decoded.avast.io/threatintel/decryptor-for-atomsilo-and-lockfile-ransomware/
Gendigital
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery
Innovative Evasion Techniques in Roshtyak
New Quishing Campaign Shows How Threat Actors Innovate to Bypass Security
https://abnormalsecurity.com/blog/qr-code-campaign-bypass-security
https://abnormalsecurity.com/blog/qr-code-campaign-bypass-security
Abnormal AI
New Quishing Campaign Shows How Security Can Be Bypassed
A new phishing campaign using QR codes exploits compromised hosts to send emails, and major services to maintain and host their phishing pages.
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
Microsoft News
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.
SECURITY_GUIDANCE_FOR_5G_CLOUD_INFRASTRUCTURES_PART_I_20211028.PDF
420.9 KB
SECURITY GUIDANCE FOR 5G
CLOUD INFRASTRUCTURES
CLOUD INFRASTRUCTURES
Windows User Profile Service 0day LPE
https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html?m=1
https://halove23.blogspot.com/2021/10/windows-user-profile-service-0day.html?m=1
Documents reveal Facebook targeted children as young as 6 for consumer base
https://www.nbcnews.com/tech/social-media/facebook-documents-reveal-company-targeted-children-young-6-rcna4021
https://www.nbcnews.com/tech/social-media/facebook-documents-reveal-company-targeted-children-young-6-rcna4021
NBC News
Facebook documents reveal company targeted children as young as 6
Facebook was hiring employees to build out programs for children and young adults from ages 6 to 17, according to a company blog post.
Trojan Source: Invisible Vulnerabilities
paper describing cool new tricks for crafting targeted vulnerabilities that are invisible to human code reviewers
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
up
https://trojansource.codes
https://github.com/nickboucher/trojan-source#trojan-source
paper describing cool new tricks for crafting targeted vulnerabilities that are invisible to human code reviewers
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
up
https://trojansource.codes
https://github.com/nickboucher/trojan-source#trojan-source
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/
https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/
Rapid7
GitLab Unauthenticated RCE CVE-2021-22205 Exploited in the Wild | Rapid7 Blog
Worth the wait: Fedora Linux 35 is here! - Fedora Magazine
https://fedoramagazine.org/announcing-fedora-35/
https://fedoramagazine.org/announcing-fedora-35/
Fedora Magazine
Worth the wait: Fedora Linux 35 is here! - Fedora Magazine
Today, I’m excited to share the results of the hard work of thousands of Fedora Project contributors: our latest release, Fedora Linux 35, is here! While we broke our six-release streak of on-schedule releases, we felt it was more important to resolve a few…
Phishing emails seemingly coming from a Kaspersky email address
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021_phishing
https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021_phishing
Kaspersky
List of Advisories
List of disclosed vulnerabilities in Kaspersky products and researchers that reported them to us.
Pink, a botnet that competed with the vendor to control the massive infected devices
https://blog.netlab.360.com/pink-en/
https://blog.netlab.360.com/pink-en/
360 Netlab Blog - Network Security Research Lab at 360
Pink, a botnet that competed with the vendor to control the massive infected devices
Most of the following article was completed around early 2020, at that time the vendor was trying different ways to recover the massive amount of infected devices, we shared our findings with the vendor, as well as to CNCERT, and decided to not publish the…
warn_about_of_ramsomaware_from_fbi.pdf
1.4 MB
Tactics, Techniques, and Indicators of Compromise Associated
with Hello Kitty/FiveHands Ransomware
with Hello Kitty/FiveHands Ransomware
Ransomware attack to Toronto transport infrastructure
Attack to city infrastructure it is a good signal about of severity thread and defense levels...
https://therecord.media/ransomware-attack-disrupts-torontos-public-transportation-system/
Attack to city infrastructure it is a good signal about of severity thread and defense levels...
https://therecord.media/ransomware-attack-disrupts-torontos-public-transportation-system/
The Record
Ransomware attack disrupts Toronto’s public transportation system
A ransomware attack has disrupted the activities of the Toronto public transportation agency and has taken down several systems used by drivers and commuters alike.
What’s new in RHEL 9
Beta release is now-available
https://developers.redhat.com/articles/2021/11/03/red-hat-enterprise-linux-9-beta-here
Beta release is now-available
https://developers.redhat.com/articles/2021/11/03/red-hat-enterprise-linux-9-beta-here
Red Hat Developer
Red Hat Enterprise Linux 9 Beta is here | Red Hat Developer
We’ve been working hard on Red Hat Enterprise Linux 9. Red Hat Enterprise Linux 9 Beta is now available—and it’s been built with production stability and development agility in mind. Built from CentOS
Credit card skimmer evades Virtual Machines - Malwarebytes Labs | Malwarebytes Labs
https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/
https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/
Malwarebytes
Credit card skimmer evades Virtual Machines
This blog post was authored by Jérôme Segura There are many techniques threat actors use to slow down analysis or, even...
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Cybersecurity Awareness training
Free from AWS
https://learnsecurity.amazon.com/
P.S. Прикольно, есть на разных языках включая русский
Free from AWS
https://learnsecurity.amazon.com/
P.S. Прикольно, есть на разных языках включая русский
note: На хостинге где хостится doh.sys-adm.in произошел сбой, кто использует doh пожалуйста переключайтесь на bld.sys-adm.in эти сервера работают штатно.
PS. как подключаться (параметры для браузеров и тп) кратко описаны на lab.sys-adm.in
PS. как подключаться (параметры для браузеров и тп) кратко описаны на lab.sys-adm.in
BrakTooth Proof of Concept
https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
What is BrakTooth
https://news.1rj.ru/str/sysadm_in_channel/3346
https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
What is BrakTooth
https://news.1rj.ru/str/sysadm_in_channel/3346
GitHub
GitHub - Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks: A Series of Baseband & LMP Exploits against Bluetooth Classic…
A Series of Baseband & LMP Exploits against Bluetooth Classic Controllers - Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access
https://thehackernews.com/2021/11/hardcoded-ssh-key-in-cisco-policy-suite.html
P.S. thx for the link dear subscriber ✌️
https://thehackernews.com/2021/11/hardcoded-ssh-key-in-cisco-policy-suite.html
P.S. thx for the link dear subscriber ✌️
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html
https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html
Cisco Talos Blog
Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk
By Chetan Raghuprasad and Vanja Svajcer, with contributions from Caitlin Huey.
* Cisco Talos recently discovered a malicious campaign deploying variants of the Babuk ransomware predominantly affecting users in the U.S. with smaller number of infections…
* Cisco Talos recently discovered a malicious campaign deploying variants of the Babuk ransomware predominantly affecting users in the U.S. with smaller number of infections…