/ Critical Vulnerability Affecting Crypto Wallet Browser Extensions
Wallets that were affected include MetaMask, Brave, Phantom, and xDefi, who have remediated the issue:
https://halborn.com/halborn-discovers-critical-vulnerability-affecting-crypto-wallet-browser-extensions/
Halborn
Halborn Discovers Critical Vulnerability Affecting Crypto Wallet Browser Extensions
On June 15 2022 Halborn revealed the discovery of a critical vulnerability affecting crypto wallets MetaMask, Brave, Phantom, and xDefi.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
[ru] My "Flex" factors for working with infrastructure, about Heroku's 12 factors and more
In August 2021, when I launched OPEN BLD DNS, and up to the present day, I had never heard of THE TWELVE-FACTOR APP methodology, but when I read it I realized that I had been doing everything that way, more or less, on an intuitive level. Today I want to share my version of the factors for approaching the development, deployment, use and health monitoring of projects.
Next, about the 12 factors, my "Flex" methodology, and how all of this can be applied in practice:
* Article about Heroku's 12 factors and my "Flex" view
~~~
[en] My "Flex" factors for working with infrastructure and about the 12-factor app from Heroku
Try to use Google Translator, but I created repo and site for my “Flex” concept:
* Repo: https://github.com/m0zgen/flex-doc
* Site: https://flex-doc.pages.dev
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
/ The many lives of BlackCat ransomware
Targeted at Exchange servers. Analysis:
https://www.microsoft.com/security/blog/2022/06/13/the-many-lives-of-blackcat-ransomware/
Microsoft News
The many lives of BlackCat ransomware
The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as…
/ DFSCoerce
PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method:
https://github.com/Wh04m1001/DFSCoerce
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Simple Knot Resolver installation and configuration example article (ru)
* Install
* Logging
* DNS, DoT, DoH example config
* DNS Forwarding
* RPZ example section
* DNS Application Firewall
* Caching
- https://sys-adm.in/systadm/986-prostoj-primer-ustanovki-i-nastrojki-knot-resolver.html
[ru] OFFZONE is looking for speakers; now is the time to send in an application and talk abstracts:
https://offzone.moscow/ru/2022-call-for-papers/
[en] The OFFZONE Cybersecurity Conference is in search of speakers; it's time to send an application for participation and abstracts of the reports
Open BLD DNS Updating News: New BLD release, New tools and more
I'm happy to present the new Open BLD release, which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partial changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be set up through the config file
• Configurable: Multiple configurations support
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP Reflection API Service.
• Monitor.sh. Script for checking systemd unit status
• Self-cert-gen. Simple self-signed certificate generator
• monit2telegram. A simple script to send Monit alerts using a Telegram bot.
• Flex App Additions Methodology. Flow for Engineers; this methodology can be used as an additional helper for the 12-Factor app or can be used separately, as a standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and allows you to use a secure and clean Internet:
• In: Browsers (Chrome, Brave, Firefox, Edge, etc.)
• On: Mobile devices (Android, iOS)
• In/On: Computers or networks (Primary/Secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
/ Checkov - static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages.
New release available here:
* https://github.com/bridgecrewio/checkov
GitHub
GitHub - bridgecrewio/checkov: Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as…
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew. - bridgecrewio/checkov
/ ABCsoup: The Malicious Adware Extension with 350 Variants
https://blog.zimperium.com/abc-soup-the-malicious-adware-extension-with-350-variants/
Zimperium
ABCsoup: The Malicious Adware Extension with 350 Variants - Zimperium
What can ABCsoup do? Recently Zimperium discovered and began monitoring the growth of a wide range of malicious browser extensions with the same extension
/ USBGuard - can help to protect Linux from BadUSB, etc.
Open Source software framework helps to protect your computer against rogue USB devices (a.k.a. BadUSB) by implementing basic whitelisting and blacklisting capabilities based on device attributes:
https://usbguard.github.io
usbguard.github.io
home | USBGuard
USBGuard project site.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
How to reset Linux user password with Ansible
* [en] - Read
How to change a Linux user's password with Ansible
* [ru] - Read
OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
In this blog we will provide a deep technical analysis of a new and fully undetected Linux threat we named OrBit..:
https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat
P.S. Thx @Anykey76 ✌️
Intezer
OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
OrBit is a new Linux malware that hijacks the execution flow, evading and gaining persistence to get remote access and steal information.
/ MS Windows Autopatch has arrived
Autopatch helps streamline updating... Announcement:
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-autopatch-has-arrived/ba-p/3570119
TECHCOMMUNITY.MICROSOFT.COM
Windows Autopatch has arrived! | Microsoft Community Hub
See how Windows Autopatch can optimize update management for your organization.
/ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/
Microsoft News
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the…
/ SAP Security Patch Day July 2022: Three Applications in Focus
https://onapsis.com/blog/sap-security-patch-day-july-2022-three-applications-focus
Onapsis
SAP Security Patch Day July 2022: Three Applications in Focus
Get the latest insights from Onapsis on the July 2022 SAP Security Notes. Find out about high priority notes and stay protected.
/ Lenovo Notebook BIOS Vulnerabilities
https://support.lenovo.com/kz/kk/product_security/ps500500-lenovo-notebook-bios-vulnerabilities
/ Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
MS uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. MS shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) in October 2021. A fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates released by Apple on May 16, 2022. Microsoft shares the vulnerability disclosure credit with another researcher, Arsenii Kostromin (0x3c3e), who discovered a similar technique independently.
* Article
/ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA)..:
* Article
/ The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures
https://www.akamai.com/blog/security/paypal-phishing-scam-mimics-known-security-measures
Akamai
Akamai Blog | The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures
Identity theft affects millions of people every year. See this piece on a scam purporting to be PayPal in an effort to gain total identity theft.