Trojan Source: Invisible Vulnerabilities

paper describing cool new tricks for crafting targeted vulnerabilities that are invisible to human code reviewers

https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/

up

https://trojansource.codes
https://github.com/nickboucher/trojan-source#trojan-source

GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild

https://www.rapid7.com/blog/post/2021/11/01/gitlab-unauthenticated-remote-code-execution-cve-2021-22205-exploited-in-the-wild/

Worth the wait: Fedora Linux 35 is here! - Fedora Magazine
https://fedoramagazine.org/announcing-fedora-35/

Phishing emails seemingly coming from a Kaspersky email address

https://support.kaspersky.com/general/vulnerability.aspx?el=12430#01112021_phishing

Pink, a botnet that competed with the vendor to control the massive infected devices

https://blog.netlab.360.com/pink-en/

Tactics, Techniques, and Indicators of Compromise Associated
with Hello Kitty/FiveHands Ransomware

Ransomware attack to Toronto transport infrastructure

Attack to city infrastructure it is a good signal about of severity thread and defense levels...

https://therecord.media/ransomware-attack-disrupts-torontos-public-transportation-system/

What’s new in RHEL 9

Beta release is now-available

https://developers.redhat.com/articles/2021/11/03/red-hat-enterprise-linux-9-beta-here

Credit card skimmer evades Virtual Machines - Malwarebytes Labs | Malwarebytes Labs
https://blog.malwarebytes.com/threat-intelligence/2021/11/credit-card-skimmer-evades-virtual-machines/

Cybersecurity Awareness training

Free from AWS

https://learnsecurity.amazon.com/

P.S. Прикольно, есть на разных языках включая русский

note: На хостинге где хостится doh.sys-adm.in произошел сбой, кто использует doh пожалуйста переключайтесь на bld.sys-adm.in эти сервера работают штатно.

PS. как подключаться (параметры для браузеров и тп) кратко описаны на lab.sys-adm.in

BrakTooth Proof of Concept

https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks

What is BrakTooth

https://news.1rj.ru/str/sysadm_in_channel/3346

Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access

https://thehackernews.com/2021/11/hardcoded-ssh-key-in-cisco-policy-suite.html

P.S. thx for the link dear subscriber ✌️

Microsoft Exchange vulnerabilities exploited once again for ransomware, this time with Babuk

https://blog.talosintelligence.com/2021/11/babuk-exploits-exchange.html

Action needed by self-managed customers in response to CVE-2021-22205 | GitLab
https://about.gitlab.com/blog/2021/11/04/action-needed-in-response-to-cve2021-22205/

Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions:

- Log in with a default credential if the Telnet protocol is enabled
- Perform command injection
- Modify the configuration

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr

Why You Should Delete Google Chrome On Your Phone

https://www.forbes.com/sites/zakdoffman/2021/11/06/stop-using-google-chrome-on-android-samsung-apple-iphone-and-windows-10-devices/?sh=256118567bf8

New Magecart group uses an e-Skimmer that avoids VMs and sandboxesSecurity Affairs
https://securityaffairs.co/wordpress/124287/hacking/magecart-e-skimmer-avoids-vms.html

Как российские компании защищаются от целевых атак

Каких угроз опасаются, какие решения используют и тп, полезно для общего понимания общей картины. Отчет от PT:

https://www.ptsecurity.com/ru-ru/research/analytics/kak-rossijskie-kompanii-zashchishchayutsya-ot-celevyh-atak/

General Availability of PowerShell 7.2 - PowerShell Team
https://devblogs.microsoft.com/powershell/general-availability-of-powershell-7-2/