/ Critical Vulnerability – Hikvision Wireless Bridge

…An attacker can exploit the vulnerability by sending crafted messages to the affected devices..:

https://www.redinent.com/blog/critical-vulnerability-hikvision-wireless-bridge/

Domain Name System (DNS) Parameters

Last Updated 2022-12-06

https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml

Открытый практикум DevOps by Rebrain: IT-Quiz
 
Программа:
• квизы на разбор проблем в Kubernetes кластере
• решение в онлайн-формате
• призы победителям

• 27 Декабря (Вторник) в 19:00 по МСК. Детали
• Василий Озеров - Co-Founder REBRAIN. Более 8 лет Devops практик.

/ LastPass Data Breach December Update

...We recently notified you that an unauthorized party gained access to a third-party cloud-based storage service, which LastPass uses to store archived backups of our production data. In keeping with our commitment to transparency, we want to provide you with an update regarding our ongoing investigation.

What We’ve Learned..:

https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

/ Detecting Azure AD Account Takeover Attacks

Cloud account takeover(ATO) is an attack where attackers gain access to cloud identities by using methods like social engineering, device code phishing, etc. Detecting these attacks can sometimes be difficult. In this blog, I’ll explain how we can develop a generic detection that covers almost any, if not all, methods for Azure AD (Well, the method can be applied to other identity providers, too)..:

— https://posts.bluraven.io/detecting-azure-ad-account-takeover-attacks-b2652bb65a4c

/ Details on this supposed Linux Kernel ksmbd RCE

https://seclists.org/oss-sec/2022/q4/228

/ ACSESSED: Cross-tenant network bypass in Azure Cognitive Search

https://www.mnemonic.io/resources/blog/acsessed-cross-tenant-network-bypass-in-azure-cognitive-search/

/ Check Point response to CVE-2021-26414 - "Windows DCOM Server Security Feature Bypass"

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176148&t=1672019191897

/ ZyXEL LTE3301-M209 - "Backdoor" credentials

https://resolverblog.blogspot.com/2022/12/cve-2022-40602-zyxel-lte3301-m209.html

The FBI is warning the public that cyber criminals are using search engine advertisement services to impersonate brands and direct users to malicious sites that host ransomware and steal login credentials and other financial information:

https://www.ic3.gov/Media/Y2022/PSA221221

/ Pass-the-Challenge: Defeating Windows Defender Credential Guard

..new techniques for recovering the NTLM hash from an encrypted credential protected by Windows Defender Credential Guard..:

https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22

/ WordPress Stop Spammers Security < 2022.6 - Unauthenticated PHP Object Injection

PoC:

https://wpscan.com/vulnerability/e8bb79db-ef77-43be-b449-4c4b5310eedf

/ New Deployment Option for Self-Hosting Bitwarden

https://bitwarden.com/blog/new-deployment-option-for-self-hosting-bitwarden/

/ New CatB Ransomware Employs 2-Year Old DLL Hijacking Technique To Evade Detection

https://minerva-labs.com/blog/new-catb-ransomware-employs-2-year-old-dll-hijacking-technique-to-evade-detection/

/ Shc Linux Malware Installing CoinMiner

https://asec.ahnlab.com/en/45182/

/ Slack GitHub repos had suspicious access

https://slack.com/intl/en-gb/blog/news/slack-security-update

/ Get root on macOS 13.0.1 with CVE-2022-46689, the macOS Dirty Cow bug

https://worthdoingbadly.com/macdirtycow/

P.S. thx for the link @clevergod ✌️

/ SQL Injection vulnerability (CVE-2022-47523) was discovered in Password Manager Pro, PAM360 and Access Manager Plus

https://www.manageengine.com/privileged-session-management/advisory/cve-2022-47523.html

/ CircleCI security alert: Rotate any secrets stored in CircleCI

https://circleci.com/blog/january-4-2023-security-alert/