/ Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

Newst updated document frim NIST

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf

/ Vulnerabilities in Avast And AVG Put Millions At Risk

https://www.sentinelone.com/labs/vulnerabilities-in-avast-and-avg-put-millions-at-risk/

/ Raspberry Robin gets the worm early

Red Canary is tracking a worm spread by external drives that leverages Windows Installer to reach out to QNAP-associated domains and download a malicious DLL:

https://redcanary.com/blog/raspberry-robin/

BLD DNS Project Status Update (May 2022)
 
At the this Q2 2022, BLD has some good updates and news!

🪴 BLD Service updates

- Anti-flood Security Implementations and Improvements
- Optimized Debian based distros will change CentOS based
- Regex-supporting implementation
- New overlimits regulations and improvement performance
- Current month num of requests to BLD DNS 10M+ exceeded and the infrastructure withstood such a load, despite the minimal configuration of virtual servers 🥳
- BLD Project Site updates (Adaptive support for mobile devices, Multilingual support: EN, RU, BLD how to setup instructions: EN, RU )

🧩 New servers, resources and locations

At the last few months BLD infrastructure was updated:
- GoHost.kz - Nur-Sultan Server
- Unihost.kz - Almaty Server
- X-RDP - Monreal Server

🤝 BLD receive some supporting from:
- G-Core Labs - Cloud resources
- JetBrains - Open source license to BLD project

⚠️ Deprecation/Changing notises
- ! doh.sys-adm.in will be deprecated, please change your settings to bld.sys-adm.in
 

/ Microsoft Windows LSA Spoofing vulneravility

Windows LSA spoofing vulnerability provides a opprtunity for attackers to authenticate to domain controllers

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26925

/ Security Advisory: Insufficient Tenant Separation in Azure Synapse Service

https://orca.security/resources/blog/azure-synapse-analytics-security-advisory/

/ Announcing Fedora Linux 36

https://fedoramagazine.org/announcing-fedora-36/

 
Сегодня в Алматы состоится сходка нескольких ИТ-комьюнити с докладами и не только (Lenore Pub, 19:00)

Движуху двигают r0crewKZ совместно с SolveChat, будет куча докладов (и я там тоже буду)

1. Александр Ошлаков - "Пишем код в функциональном стиле. Как и главное Зачем"
2. Евгения Цыбренко - "Гибридные Криптобиржи: взгляд изнутри"
3. Thatskriptkid - "Решаем андроид крякми с помощью IDA"
4. novitoll - "gnuradio: Eins, zwei (G), Polizei, Drei (G), vier (G), Grenadier, Fünf (G)?"
5. Sh3lldon - Патчинг bin, elf и pe файлов с гидрой
6. sysadmin "Аваренесс о неявных превентивных сервисах"

Бесплатно, без стрима, без записи.

Не забываем подтягиваться в Lenore Pub к 19:00 ✌️
#free #meetup #ru
 

HR головного мозга или что не так с рынком поиска трудовых резервов

Периодически поглядываю на рынок труда, как с точки зрения работодателя, так и с точки зрения соискателя.

Последнее время, метаморфоза типов, видов, способов трудового взаимодействия претерпела значительные, но почему то не совсем видимые и даже порой неочевидные вещи (для вполне очевидных вещей) - для конечных пользователей рынка, будь то HR или соискатель.

Возможно нижесказанное, есть ни что иное, как субъективный взгляд со своей (моей) колокольни, но что действительно вырисовывается из общей картины хочется зафиксировать в этом артикле..:

- [HR головного мозга](https://sys-adm.in/live/978-hr-golovnogo-mozga-ili-chto-ne-tak-s-rynkom-poiska-trudovykh-rezervov.html)

#ru #blog #reflections

/ Massive WordPress JavaScript Injection Campaign Redirects to Ads

https://blog.sucuri.net/2022/05/massive-wordpress-javanoscript-injection-campaign-redirects-to-ads.html

/ Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a non-privileged user to a privileged one:

https://blog.talosintelligence.com/2022/05/blog-post-.html

/ Zyxel Firewall Unauthenticated Remote Command Injection

https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/

/ Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders

https://www.microsoft.com/security/blog/2022/05/11/center-for-threat-informed-defense-microsoft-and-industry-partners-streamline-mitre-attck-matrix-evaluation-for-defenders/

Combining even more techniques to defeat EDR via DLL unhooking and AMSI bypass

Research article:

https://kymb0.github.io/malwaredev-defeat-edr-unhook/

Apple released multiple security patches for they products

https://support.apple.com/en-us/HT201222

Note: today doh.sys-adm.in will be changed to bld.sys-adm.in (IP 109.234.39.72)

up: Done! ✅

/ Kali Linux 2022.2 Release

This release has various impressive updates:

https://www.kali.org/blog/kali-linux-2022-2-release/

/ Exploiting a Use-After-Free for code execution in every version of Python 3

PoC:

https://pwn.win/2022/05/11/python-buffered-reader.html

/ Windows 11 KB5013943 is crashing PCs with BSOD, antivirus firm Sophos warns

https://www.windowslatest.com/2022/05/15/windows-11-kb5013943-is-crashing-devices-with-bsod-antivirus-firm-sophos-warns/

/ Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver

https://blog.talosintelligence.com/2022/05/vuln-spotlight-nvidia-driver-memory.html