/ 20 years of payment processing problems

Electronic payment systems have existed on the Internet for a long time, and some bugs in them are twenty years old. We’ve found critical vulnerabilities allowing us to steal money and drive up the balance. Today we will analyze typical implementations of payment processing and related security issues…

https://bo0om.ru/20-years-of-payment-processing-problems-en

/ A look at the CloudMensis macOS spyware

CloudMensis is malware for macOS developed in Objective-C. Samples we analyzed are compiled for both Intel and Apple silicon architectures..:

* Technical analysis

AppFlowy.IO - The Open Source Alternative To Notion

You are in charge of your data and customizations.

Documentation:
* https://appflowy.gitbook.io/docs/essential-documentation/contribute-to-appflowy

Official site:
* https://www.appflowy.io

GitHub:
* https://github.com/AppFlowy-IO/appflowy

#need_ro_research

Open BLD DNS: Our supporter is UptimeRobot
 
Hey, UptimeRobot it is a very good solution for on-line monitoring tasks. I'm using UptimeRobot over than 10 years for monitoring tasks by:
- Ping availability my Blog and Forum
- HTTP(S) availability and SSL expiry reminders
- Port(s) availability for Open BLD services
- Keyword checking on web-pages

Free plan allow using UptimeRobot with 5 min. interval with notifications to email.

Now, UptimeRobot helps to Open BLD Project to reduce checking intervals to 1 min and now you can checking Open BLD status on:
• https://bld-status.sys-adm.in page.

On my own behalf, I express my deep gratitude to the UptimeRobot service, now the availability and stability of the Open BLD service has more monitoring than it was.
 
You can try / help to Open BLD DNS project through official BLD Project site:
* https://lab.sys-adm.in

/ DNS-over-HTTP/3 in Android

To help keep Android users’ DNS queries private, Android supports encrypted DNS. In addition to existing support for DNS-over-TLS, Android now supports DNS-over-HTTP/3 which has a number of improvements over DNS-over-TLS.

Announce from Google:

https://security.googleblog.com/2022/07/dns-over-http3-in-android.html

/ Luna and Black Basta — new ransomware for Windows, Linux and ESXi

Luna: brand-new ransomware written in Rust, Black Basta is a relatively new ransomware variant written in C++ which first came to light in February 2022…

Technical analysis:

https://securelist.com/luna-black-basta-ransomware/106950/

/ Apple released multiple security pathces for *OS

* About the security content of macOS Monterey 12.5. Details.
* About the security content of macOS Big Sur 11.6.8. Details.
* About the security content of Security Update 2022-005 Catalina. Details.

/ Atlassian Multiple Products Security Advisory - CVE-2022-26136, CVE-2022-26137

* Summary of Vulnerabilities

Open SysConf 22 да прибудет с нами сила!
 
Йоу! Внезапно. Нежданно не гаданно (как всегда) мы решили оффлайнутся в нашем любимом формате на Open SysConf 22:

Предварительные вводные Open SysConf 22:
• Первичный контекст конференции - Открытая конференция ИТ/ИБ/..OPS направлений
• Вторичный контекст конференции - Спорт, развитие, личностный рост, мотивация
• Тип встречи - оффлайн, вопросы с трансляцией/записью обсуждаются (об этом позже)
• Дата встречи - Октябрь, 2022г. Примерно середина месяца (об этом позже)
• Место - в процессе определения, но ясно одно, локация г.Алматы.

И конечно доклады, общение, знакомство, новые знания, мотивация и как результат личностный и профессиональный рост 🌱

Концепции:
• Без коммерции или коммерческого бэкграунда
• Открытость и бесплатность
• Свободный вход и участие
• Помощь и обеспечение - добровольное, донаты.

Заценить конфу и темы прошлогодней конференции:
• https://sysconf.io

Помни дорогой друг - Делиться своими знаниями и опытом это не только нужно - это необходимо.

Всем Peace ✌️
 

/ Unauthenticated SQL injection vulnerability in SonicWall GMS

https://www.cybersecurity-help.cz/vdb/SB2022072213

/ VMware ESXi TCP/IP Memory Corruption Remote Code Execution Vulnerability

https://www.zerodayinitiative.com/advisories/ZDI-22-1021/

P.S. Thx dear subscriber for the link ✌️

Boundary tool - Identity-based access for zero trust security

* https://www.boundaryproject.io/

/ Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits

https://www.microsoft.com/security/blog/2022/07/27/untangling-knotweed-european-private-sector-offensive-actor-using-0-day-exploits/

Samba 4.16.4, 4.15.9 and 4.14.14 Security Releases are available for Download

These are Security Releases in order to address CVE-2022-2031, CVE-2022-32742, CVE-2022-32744, CVE-2022-32745 and CVE-2022-32746.

https://www.samba.org/samba/latest_news.html#4.16.4

Old cat, new tricks, bad habits

An analysis of Charming Kitten’s new tools and OPSEC errors

The Telegram grabber tool is written in C++ and uses the open source Telegram Database Library (TDLib), a cross-platform Telegram client typically used to create custom apps for the platform... and many another interesting research info..:

https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/old-cat-new-tricks.html

System Administrator Appreciation Day

Be Strong, Be Healthy, Be Smart ✌️

/ Vulnerability in Dahua’s ONVIF Implementation Threatens IP Camera Security

https://www.nozominetworks.com/blog/vulnerability-in-dahua-s-onvif-implementation-threatens-ip-camera-security/

/ Living Off Windows Defender | LockBit Ransomware Sideloads Cobalt Strike Through Microsoft Security Tool

https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/

/ DNS settings to avoid email spoofing and phishing for unused domain

https://www.cyberciti.biz/security/dns-settings-to-avoid-email-spoofing-and-phishing-for-unused-domain/

/ Multiple vulnerabilities were privately reported to VMware. (critical)

Patches are available to remediate these vulnerabilities in affected VMware products:

https://www.vmware.com/security/advisories/VMSA-2022-0021.html