[ru] OFFZONE is looking for speakers; now is the time to send your application to participate and your talk abstract:
https://offzone.moscow/ru/2022-call-for-papers/
[en] OFFZONE Cybersecurity Conference is looking for speakers; it's time to send an application to participate and your talk abstracts:
https://offzone.moscow/ru/2022-call-for-papers/
Open BLD DNS Update News: New BLD release, new tools and more
I'm happy to present the new Open BLD release, which is already in production 🎉
🌴 Stabilities and Updates:
• Atomizing/Micro-servicing: Different server BLD infrastructure roles
• Alerting coverage: Local and remote BLD services
• Caching: Redis to KeyDB partially changes/migrations
• Caching: Sync caching between different BLD role servers
• Configurable: Minimum TLS version can be set through the config file
• Configurable: Multiple configurations supported
• Configurable: Custom HTTP User Agent for DoH upstreams
• Configurable: Updated conditional Bootstrap and Upstream functionality
• Stability: Auto-recovering and Self-checking mechanisms
🧩 Tools:
• IP Reflector. IP reflection API service.
• Monitor.sh. Script for checking systemd unit status.
• Self-cert-gen. Simple self-signed certificate generator.
• monit2telegram. A simple script to send Monit alerts using a Telegram bot.
• Flex App Additions Methodology. A flow for engineers; this methodology can be used as an additional helper for a 12-Factor app or used separately, as a standalone practice.
🦚 Agentless BLD:
BLD works without agents or any additional tools and lets you use a secure and clean Internet:
• In: browsers (Chrome, Brave, Firefox, Edge, etc.)
• On: mobile devices (Android, iOS)
• In/On: computers or networks (primary/secondary DNS)
📟 More details on official BLD site:
• https://lab.sys-adm.in
#free #bld #dns
/ Checkov - a static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages.
New release available here:
* https://github.com/bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
/ ABCsoup: The Malicious Adware Extension with 350 Variants
https://blog.zimperium.com/abc-soup-the-malicious-adware-extension-with-350-variants/
What can ABCsoup do? Recently Zimperium discovered and began monitoring the growth of a wide range of malicious browser extensions with the same extension
/ USBGuard - can help protect Linux from BadUSB and similar rogue devices
An open source software framework that helps protect your computer against rogue USB devices (a.k.a. BadUSB) by implementing basic whitelisting and blacklisting capabilities based on device attributes:
https://usbguard.github.io
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
How to reset Linux user password with Ansible
* [en] - Read
How to change a Linux user's password with Ansible
* [ru] - Read
OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
In this blog we will provide a deep technical analysis of a new and fully undetected Linux threat we named OrBit..:
https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat
P.S. Thx @Anykey76 ✌️
OrBit is a new Linux malware that hijacks the execution flow, evading and gaining persistence to get remote access and steal information.
/ MS Windows Autopatch has arrived
Autopatch helps streamline updating... Announcement:
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-autopatch-has-arrived/ba-p/3570119
/ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the…
/ SAP Security Patch Day July 2022: Three Applications in Focus
https://onapsis.com/blog/sap-security-patch-day-july-2022-three-applications-focus
Get the latest insights from Onapsis on the July 2022 SAP Security Notes. Find out about high priority notes and stay protected.
/ Lenovo Notebook BIOS Vulnerabilities
https://support.lenovo.com/kz/kk/product_security/ps500500-lenovo-notebook-bios-vulnerabilities
/ Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
MS uncovered a vulnerability in macOS that could allow specially crafted code to escape the App Sandbox and run unrestricted on the system. MS shared these findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR) in October 2021. A fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates released by Apple on May 16, 2022. Microsoft shares the vulnerability disclosure credit with another researcher, Arsenii Kostromin (0x3c3e), who discovered a similar technique independently.
* Article
/ From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA)..:
* Article
/ The Kit That Wants It All: Scam Mimics PayPal’s Known Security Measures
https://www.akamai.com/blog/security/paypal-phishing-scam-mimics-known-security-measures
Identity theft affects millions of people every year. See this piece on a scam purporting to be PayPal in an effort to gain total identity theft.
/ Unpacking Cloud-Based Cryptocurrency Miners That Abuse GitHub Actions and Azure Virtual Machines
https://www.trendmicro.com/en_us/research/22/g/unpacking-cloud-based-cryptocurrency-miners-that-abuse-github-ac.html
We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Targeted Deanonymization via the Cache Side Channel: Attacks and Defenses
https://github.com/leakuidatorplusteam/artifacts
/ 20 years of payment processing problems
Electronic payment systems have existed on the Internet for a long time, and some bugs in them are twenty years old. We’ve found critical vulnerabilities allowing us to steal money and drive up the balance. Today we will analyze typical implementations of payment processing and related security issues…
https://bo0om.ru/20-years-of-payment-processing-problems-en
/ A look at the CloudMensis macOS spyware
CloudMensis is malware for macOS developed in Objective-C. Samples we analyzed are compiled for both Intel and Apple silicon architectures..:
* Technical analysis
ESET uncovers CloudMensis, a macOS backdoor that spies on users of Mac devices and communicates with its operators via public cloud storage services.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
AppFlowy.IO - The Open Source Alternative To Notion
You are in charge of your data and customizations.
Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy
Official site:
* https://www.appflowy.io
GitHub:
* https://github.com/AppFlowy-IO/appflowy
#need_ro_research