CoinHelper Research | Avast
https://blog.avast.com/coinhelper-research-avast

Прям свежак, свежак - Установщик GVM 21 на Ubuntu 20+

Пока поддерживается убунту, после планируется Rocky, CentOS. Ставит и собирает готовое vulnerability scanning решение из исходников.

https://github.com/m0zgen/install-gvm21

Билдится согласно оф. ману:

https://greenbone.github.io/docs/gvm-21.04/index.html#setting-up-an-admin-user

Доп. инфо

Как ставить сканер уязвимостей GVM 21 на CentOS 8 из Atomic репы:

* https://sys-adm.in/systadm/nix/964-kak-ustanovit-skaner-uyazvimostej-greenbone-openvas-21-v-centos-8-2022.html

====

(EN) OpenVAS GVM 21 Ubuntu 20+ Installer

You can read REDME.md in repo:

https://github.com/m0zgen/install-gvm21

Script wrote according official documentation:

https://greenbone.github.io/docs/gvm-21.04/index.html#setting-up-an-admin-user

Magecart Groups Abuse Google Tag Manager

https://geminiadvisory.io/magecart-google-tag-manager/

Critical update to Chrome

https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html?m=1

USB Over Ethernet | Multiple Vulnerabilities in AWS and Other Major Cloud Services

https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/

Note: BLD Сервис - Замена сервера (RU)

Сегодня было решено заменить сервер с IP 193.178.169.33 на другой, более мощный в другом дата-центре с новым IP 49.12.234.130

"Старый" IP будет работать еще 3 дня, после чего сервер будет удален, пожалуйста обновите/измените IP адреса, кто использует "старый" IP адрес.

Заранее всем спасибо за понимание.

Note: BLD Service - Server replacement (EN)

Today it was decided to replace the server with IP 193.178.169.33 with another, more powerful one in another data center with a new IP 49.12.234.130

The "old" IP will work for another 3 days, after which the server will be deleted, please update / change the IP who is using the "old" IP.

Thanks in advance for your understanding.

~~~

What is BLD DNS service - lab.sys-adm.in

CVE-2021-38759 | Raspberry Pi OS hard-coded password (CNVD-2021-43968)
https://vuldb.com/?id.187741

Windows 10 RCE: The exploit is in the link

https://positive.security/blog/ms-officecmd-rce

Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon — Palisade
https://palisade.consulting/blog/tld-hacking

Malicious npm Packages Are After Your Discord Tokens – 17 New Packages Disclosed

https://jfrog.com/blog/malicious-npm-packages-are-after-your-discord-tokens-17-new-packages-disclosed/

A new StrongPity variant hides behind Notepad++ installation

https://blog.minerva-labs.com/a-new-strongpity-variant-hides-behind-notepad-installation

--up--

RCE 0-day exploit found in log4j, a popular Java logging package

- https://www.lunasec.io/docs/blog/log4j-zero-day/

PoC and etc:
- https://github.com/tangxiaofeng7/apache-log4j-poc
- https://github.com/YfryTchsGD/Log4jAttackSurface
- https://gist.github.com/gnremy/c546c7911d5f876f263309d7161a7217

P.S. thx for the some links dear subscribers ✌️

Kali Linux 2021.4 Release | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2021-4-release/

When Honey Bees Become Murder Hornets - Eclypsium

What do you do when two million cheap and powerful devices become the launchpad for one of the most powerful botnets ever? You stop treating the threat like a newly discovered and unexpected honey bee hive and you start remediating like you’ve discovered a Murder Hornet nest.

Based in Latvia, MikroTik may not be a household name, but it has been a popular supplier of routers and wireless ISP devices since 1996 with more than 2,000,000 devices deployed worldwide. These devices are both powerful, and as our research shows, often highly vulnerable. For the money, there is hardly a more powerful device a consumer can get their hands on

https://eclypsium.com/2021/12/09/when-honey-bees-become-murder-hornets/

Напоминаю: Сегодня в Алматы в 18:00 начнётся Бинарный эвент вместе с r0crewKZ

- Ресерчинг, Атаки, Эксплуатация, и Пиво конечно :)

Детали:
- https://news.1rj.ru/str/sysadm_in_up/916

~~

Remind: Today in Almaty at 06:00 PM we will start Binary event with r0crewKZ

- Researching, Attacking, Exploiting and Beer 🍻 of course :)

Details:
- https://news.1rj.ru/str/sysadm_in_up/916

How SASE is saving the marriage between network and security | VentureBeat
https://venturebeat.com/2021/06/03/how-sase-is-saving-the-marriage-between-network-and-security/

..being exploited in the wild

https://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html?m=1

Apache Log4Shell Vaccine

https://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228

P.S. thx for the link BORODA(C) ✌️

About the security content of iOS 15.2 and iPadOS 15.2 - Apple Support
https://support.apple.com/en-us/HT212976

Microsoft back to its old tricks to get an edge on the competition. | Vivaldi Browser
https://vivaldi.com/blog/microsoft-back-to-its-old-tricks-to-get-an-edge-on-the-competition/

Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild

https://thehackernews.com/2021/12/update-google-chrome-to-patch-new-zero.html?m=1

Chrome Releases

https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html