Today in Almaty there will be a gathering of several IT communities, with talks and more (Lenore Pub, 19:00)
The event is run by r0crewKZ together with SolveChat; there will be a bunch of talks (and I'll be there too)
1. Alexander Oshlakov - "Writing code in a functional style. How and, most importantly, Why"
2. Evgeniya Tsybrenko - "Hybrid Crypto Exchanges: an inside look"
3. Thatskriptkid - "Solving an Android crackme with IDA"
4. novitoll - "gnuradio: Eins, zwei (G), Polizei, Drei (G), vier (G), Grenadier, Fünf (G)?"
5. Sh3lldon - Patching bin, elf and pe files with Ghidra
6. sysadmin "Awareness of implicit preventive services"
Free, no stream, no recording.
Don't forget to make your way to Lenore Pub by 19:00 ✌️
#free #meetup #ru
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
HR on the brain, or what is wrong with the market for finding labor reserves
From time to time I look at the labor market, both from the employer's point of view and from the job seeker's.
Lately, the metamorphosis of the types, kinds and ways of working interaction has undergone significant, but for some reason not entirely visible and sometimes even non-obvious things (for quite obvious things) - for the end users of the market, be it HR or the job seeker.
Perhaps what follows is nothing more than a subjective view from my own bell tower, but I want to record in this article what really emerges from the overall picture:
- [HR on the brain](https://sys-adm.in/live/978-hr-golovnogo-mozga-ili-chto-ne-tak-s-rynkom-poiska-trudovykh-rezervov.html)
#ru #blog #reflections
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
/ Massive WordPress JavaScript Injection Campaign Redirects to Ads
https://blog.sucuri.net/2022/05/massive-wordpress-javanoscript-injection-campaign-redirects-to-ads.html
Sucuri Blog
Massive WordPress JavaScript Injection Campaign Redirects to Ads
May 2022 saw a new wave for the massive malware campaign that targets vulnerable plugins and themes in WordPress websites to inject malicious JavaScript and redirect site visitors to ads and scam pages.
/ Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access
InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a non-privileged user to a privileged one:
https://blog.talosintelligence.com/2022/05/blog-post-.html
/ Zyxel Firewall Unauthenticated Remote Command Injection
https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/
Rapid7
CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection | Rapid7 Blog
/ Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders
https://www.microsoft.com/security/blog/2022/05/11/center-for-threat-informed-defense-microsoft-and-industry-partners-streamline-mitre-attck-matrix-evaluation-for-defenders/
Microsoft News
Center for Threat-Informed Defense, Microsoft, and industry partners streamline MITRE ATT&CK® matrix evaluation for defenders
The Center for Threat-Informed Defense, along with Microsoft and industry partners, collaborated on a repeatable methodology and a web-based calculator, aiming to streamline MITRE ATT&CK® use for defenders.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Combining even more techniques to defeat EDR via DLL unhooking and AMSI bypass
Research article:
https://kymb0.github.io/malwaredev-defeat-edr-unhook/
kymBlog
Combining even more techniques to defeat EDR via DLL unhooking and AMSI bypass
Taking on an enterprise grade EDR for fun, profit, and learning
/ Kali Linux 2022.2 Release
This release has various impressive updates:
https://www.kali.org/blog/kali-linux-2022-2-release/
Kali Linux
Kali Linux 2022.2 Release (GNOME 42, KDE 5.24 & hollywood-activate) | Kali Linux Blog
It’s that time of year again, time for another Kali Linux release! Quarter #2 - Kali Linux 2022.2. This release has various impressive updates, all of which are ready for immediate download or updating.
The summary of the changelog since the 2022.1 release…
/ Exploiting a Use-After-Free for code execution in every version of Python 3
PoC:
https://pwn.win/2022/05/11/python-buffered-reader.html
pwn.win
Exploiting a Use-After-Free for code execution in every version of Python 3
A while ago I was browsing the Python bug tracker, and I stumbled upon this bug - “memoryview to freed memory can cause segfault”. It was created in 2012, originally present in Python 2.7, but remains open to this day, 10 years later. This piqued my interest…
/ Windows 11 KB5013943 is crashing PCs with BSOD, antivirus firm Sophos warns
https://www.windowslatest.com/2022/05/15/windows-11-kb5013943-is-crashing-devices-with-bsod-antivirus-firm-sophos-warns/
Windows Latest
Windows 11 KB5013943 is crashing PCs with BSOD, antivirus firm Sophos warns
The problems introduced by Windows 11 KB5013943 (May 2022 Patch Tuesday) are pretty serious: it’s crashing computers with Blue Screen of Death if they rely on certain drivers required for apps like antivirus. For those unaware, KB5013943 (May 2022) was released…
/ Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
https://blog.talosintelligence.com/2022/05/vuln-spotlight-nvidia-driver-memory.html
Cisco Talos Blog
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an attacker to corrupt memory and write arbitrary memory on the card.
NVIDIA…
/ Interactive Phishing: Using Chatbot-like Web Applications to Harvest Information
https://www.trustwave.com/media/18693/capture3.png
/ Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/
Microsoft News
Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices
Observing a 254% increase in activity over the last six months from a versatile Linux trojan called XorDdos, the Microsoft 365 Defender research team provides in-depth analysis into this stealthy malware's capabilities and key infection signs.
/ CVE-2022-1729: race condition in Linux perf subsystem leads to local privilege escalation
https://www.openwall.com/lists/oss-security/2022/05/20/2
/ Cisco IOS XR Software Health Check Open Port Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK#fs
Cisco
Cisco Security Advisory: Cisco IOS XR Software Health Check Open Port Vulnerability
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container.
This vulnerability exists because the health check RPM opens TCP port…
/ Azure DNS Private Resolver
Is a new service that enables customers to query Azure DNS private zones from an on-premises environment and vice versa without deploying VM-based DNS servers. This new service is fully-managed in Azure and in public preview:
https://www.infoq.com/news/2022/05/azure-dns-private-resolver/
InfoQ
Microsoft Releases Azure DNS Private Resolver in Public Preview
Azure DNS Private Resolver is a new service that enables customers to query Azure DNS private zones from an on-premises environment and vice versa without deploying VM-based DNS servers. This new service is fully-managed in Azure and in public preview.
/ Malware Campaign Targets InfoSec Community: Threat Actor Uses Fake Proof Of Concept To Deliver Cobalt-Strike Beacon
It is something new:
https://blog.cyble.com/2022/05/20/malware-campaign-targets-infosec-community-threat-actor-uses-fake-proof-of-concept-to-deliver-cobalt-strike-beacon/
Cyble
Malware Targets InfoSec: Fake PoC Delivers Cobalt Strike
It becomes essential for the Infosec Community members to check the credibility of sources before downloading any proof of concept.