/ Microsoft Vulnerabilities Report 2022

Historically, the report has delivered a holistic annual view of the vulnerabilities within Microsoft’s platforms and products, and has established an
undeniable business case for the importance of removing admin rights to reduce risk…

/ Technical Advisory – Multiple Vulnerabilities in U-Boot (CVE-2022-30790, CVE-2022-30552)

U-boot is a popular boot loader for embedded systems with implementations for a large number of architectures and prominent in most Linux based embedded systems such as ChromeOS and Android Devices:

https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/

/ What is DNSCrypt

DNSCrypt is a protocol that encrypts, authenticates and optionally anonymizes communications between a DNS client and a DNS resolver. It prevents DNS spoofing. It uses cryptographic signatures to verify that responses originate from the chosen DNS resolver and haven’t been tampered with.

It is an open specification, with free and open source reference implementations, and it is not affiliated with any company nor organization:

https://dnscrypt.info/

/ Использование офисных документов в кибератаках

статистика вредоносных вложений в почтовом трафике и не только:

https://securelist.ru/malicious-office-documents-in-cyber-attacks/105158/

/ Multiple vulnerabilities in Zyxel zysh

zysh vulnerabilities research:

https://security.humanativaspa.it/multiple-vulnerabilities-in-zyxel-zysh/

⚙️ Monitor.sh - Script for checking systemd unit status

monitor.sh can run custom noscript / action if unit has stopped or running statuses, examples:

./monitor.sh -u sshd -a "/path/to/action-noscript/action.sh"

or

./monitor.sh -u multipathd -r -a "/usr/local/sbin/test.sh"

or just:

./monitor.sh -u multipathd -r

add this noscript to cron and if your systemd unit will be stopped or disabled, monitor.sh will enable and will try tu restart targeted systemd unit…

* https://github.com/m0zgen/monitor

/ Ransomware The True Cost to Business

A Global Study on Ransomware Business Impact report:

https://www.cybereason.com/hubfs/dam/collateral/reports/Ransomware-The-True-Cost-to-Business-2022.pdf

Этика и психология индивидуума айтишного и не только. Риторика.

- В начале было слово. Слово - это поступок. Говоря слова и собирая их в предложения, абзацы - следи за собой ибо ты совершаешь поступки.
- Воля, дух - их как бы нет как органов, но их можно тренировать, развивать и использовать это в своей жизни.
- Совокупность разных качеств образует образ - личность, эксперта или тряпку и болтуна.

Нравственность и мораль, а так же жизненный опыт, аспекты слова и духа и много чего еще образуют еще одну сущность, дисциплину - этика…

Далее о наборе различных компетенций формирующих поведение и отношение к жизни, самомы себе и окружающим:

- https://sys-adm.in/live/983-etika-i-psikhologiya-individuuma-ajtishnogo-i-ne-tolko-ritorika.html

/ Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat

And:

https://www.intezer.com/blog/research/new-linux-threat-symbiote/

/ Apache HTTP Server 2.4 vulnerabilities fixes

This page lists all security vulnerabilities fixed in released versions of Apache HTTP Server 2.4

https://httpd.apache.org/security/vulnerabilities_24.html

/ firejail: local root exploit reachable via --join logic
(CVE-2022-31214)

https://www.openwall.com/lists/oss-security/2022/06/08/10

Exploit:

https://www.openwall.com/lists/oss-security/2022/06/08/10/1

/ Atom and will archive all projects under the organization on December 15, 2022

There was a good editor(

https://github.blog/2022-06-08-sunsetting-atom/

/ Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-011

https://www.drupal.org/sa-core-2022-011

/ FIREFOX AND CHROME ARE SQUARING OFF OVER AD-BLOCKER EXTENSIONS

...
THE SAME FEATURE CAN BE USED MALICIOUSLY TO HIJACK USERS’ LOGIN CREDENTIALS OR INSERT EXTRA ADS INTO WEB PAGES
...

https://www.theverge.com/2022/6/10/23131029/mozilla-ad-blocking-firefox-google-chrome-privacy-manifest-v3-web-request

P.S. Sys-Admin Open BLD Service does not use browser extantions or etc, it is encrypted malisious/tracking/ad DNS blocking service which support many popular browsers, mobile devices, routers, OSs, details : https://lab.sys-adm.in

/ Apple M1 PACMAN attack

PACMAN is a novel hardware attack that can bypass Pointer Authentication (PAC) on the Apple M1 CPU. We present the following contributions:

- A new way of thinking about compounding threat models in the Spectre age.
- Reverse engineered details of the M1 memory hierarchy.
- A hardware attack to forge kernel PACs from userspace on M1.

Details:
* https://pacmanattack.com/

/ Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190

/ New Hertzbleed Attack

Hertzbleed is a new family of side-channel attacks: frequency side channels. In the worst case, these attacks can allow an attacker to extract cryptographic keys from remote servers that were previously believed to be secure:

https://www.hertzbleed.com/