/ Microsoft Exchange Server Elevation of Privilege Vulnerability
Released: 8 Nov 2022 Last updated: 15 Dec 2022:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080
Released: 8 Nov 2022 Last updated: 15 Dec 2022:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080
/ Vulnerability Spotlight: Asus router access, information disclosure, denial of service vulnerabilities discovered
https://blog.talosintelligence.com/vulnerability-spotlight-asus-router-access-information-disclosure-denial-of-service-vulnerabilities-discovered/
https://blog.talosintelligence.com/vulnerability-spotlight-asus-router-access-information-disclosure-denial-of-service-vulnerabilities-discovered/
Cisco Talos Blog
Vulnerability Spotlight: Asus router access, information disclosure, denial of service vulnerabilities discovered
Cisco Talos recently discovered three vulnerabilities in Asus router software.
The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable…
The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable…
/ Linux kernel stack buffer overflow in nftables
https://www.openwall.com/lists/oss-security/2023/01/13/2
https://www.openwall.com/lists/oss-security/2023/01/13/2
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
1300+ domains are hosting a webpage that impersonates the official AnyDesk website (added to Open BLD)
— https://www.bleepingcomputer.com/news/security/over-1-300-fake-anydesk-sites-push-vidar-info-stealing-malware/
— https://www.bleepingcomputer.com/news/security/over-1-300-fake-anydesk-sites-push-vidar-info-stealing-malware/
lab.sys-adm.in
Sys-Admin Laboratory
Open Sys-Admin BLD DNS - Focus on information for free with adblocking and implicit cybersecurity threat prevention.
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Bitdefender-PR-Whitepaper-EyeSpyVPN-creat625-en-EN.pdf
8.6 MB
EyeSpy - Spyware Delivered in VPN Installers
https://www.bitdefender.com/blog/labs/eyespy-iranian-spyware-delivered-in-vpn-installers/
https://www.bitdefender.com/blog/labs/eyespy-iranian-spyware-delivered-in-vpn-installers/
/ Decrypted: BianLian Ransomware
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022:
https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware/
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022:
https://decoded.avast.io/threatresearch/decrypted-bianlian-ransomware/
Avast Threat Labs
Decrypted: BianLian Ransomware - Avast Threat Labs
The team at Avast has developed a decryptor for the BianLian ransomware and released it for public download. The BianLian ransomware emerged in August 2022, performing targeted attacks in various industries, such as the media and entertainment, manufacturing…
/ Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use
https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/
Git users are encouraged to upgrade to the latest version, especially if they use
git archive, work in untrusted repositories, or use Git GUI on Windowshttps://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/
The GitHub Blog
Git security vulnerabilities announced
Git users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows.
Open BLD DNS Updates: Site platform / Web UI
I finally got to the Sys-Admin Lab web site UI, I haven't planned interfaces and colors like HTML body background or link colors for a long time, and today I want to introduce you:
• ☀️ Light/ 🌑 Dark themed site
• Multi-language site
• Documentation Wiki space
• Fully migrated from scratch from Vue Nuxt2 > Nuxt3 engine
• More speed from Nitro engine and UI flexability form Bulma framework
• "Thanks" section legend - Who help testing: 💪 and Contribute: ⚡️
Of course, there is still a lot to do, and I don't know how yet, but I am sure that with your help I will be able to go further and develop the project further and more 🙂
• check and see: https://lab.sys-adm.in
I finally got to the Sys-Admin Lab web site UI, I haven't planned interfaces and colors like HTML body background or link colors for a long time, and today I want to introduce you:
• ☀️ Light/ 🌑 Dark themed site
• Multi-language site
• Documentation Wiki space
• Fully migrated from scratch from Vue Nuxt2 > Nuxt3 engine
• More speed from Nitro engine and UI flexability form Bulma framework
• "Thanks" section legend - Who help testing: 💪 and Contribute: ⚡️
Of course, there is still a lot to do, and I don't know how yet, but I am sure that with your help I will be able to go further and develop the project further and more 🙂
• check and see: https://lab.sys-adm.in
/ Vulnerabilities in TP-Link routers
TP-Link and their latest firmware available as of January 11, 2023, have two vulnerabilities DoS, RCE..:
https://kb.cert.org/vuls/id/572615
TP-Link and their latest firmware available as of January 11, 2023, have two vulnerabilities DoS, RCE..:
https://kb.cert.org/vuls/id/572615
kb.cert.org
CERT/CC Vulnerability Note VU#572615
Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2
/ Detecting Fake Events in Azure Sign-in Logs
— https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
— https://www.inversecos.com/2023/01/detecting-fake-events-in-azure-sign-in.html
Inversecos
Detecting Fake Events in Azure Sign-in Logs
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
Sudoedit allowing a local attacker to append arbitrary entries to the list of files to process
https://ubuntu.com/security/CVE-2023-22809
P.S. thx for the link @clevergod : ✌️
https://ubuntu.com/security/CVE-2023-22809
P.S. thx for the link @clevergod : ✌️
Ubuntu
CVE-2023-22809 | Ubuntu
Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things.
/ Client-Side SSRF to Google Cloud Project Takeover [Google VRP]
https://blog.geekycat.in/client-side-ssrf-to-google-cloud-project-takeover/
https://blog.geekycat.in/client-side-ssrf-to-google-cloud-project-takeover/
/ Yum! Brands, Inc. announced a ransomware attack
January 18, 2023... that impacted certain information technology systems..:
— Yum! Brands, Inc. announced a ransomware attack
— United States Securities And Exchange Commission Report
January 18, 2023... that impacted certain information technology systems..:
— Yum! Brands, Inc. announced a ransomware attack
— United States Securities And Exchange Commission Report
/ Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)
https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw
https://www.mandiant.com/resources/blog/chinese-actors-exploit-fortios-flaw
Google Cloud Blog
Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475) | Mandiant | Google Cloud Blog
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
После запуска Open BLD сервиса я стал замечать некоторые "странности" переходящие в закономерности со стороны различных инстанций. Сегодня прилетела блокировка Sys-Admin Форума от РКН.
Осведомленность об ИТ и InfoSec, безопасность и помощь советами в решении технических проблем - это наше кредо на протяжении более 10 лет.
Разные инстанции производили разные "санкционные" действия направленные на мою учетную запись - ну и ладно, жил и проживу без всяких там "инстаграмов".
В итоге я решил сделать небольшую заметку о своих наблюдениях под названием "Бан или совпадение?”:
— https://lab.sys-adm.in/ru/blog/implicit-ban-bld-author
Осведомленность об ИТ и InfoSec, безопасность и помощь советами в решении технических проблем - это наше кредо на протяжении более 10 лет.
Разные инстанции производили разные "санкционные" действия направленные на мою учетную запись - ну и ладно, жил и проживу без всяких там "инстаграмов".
В итоге я решил сделать небольшую заметку о своих наблюдениях под названием "Бан или совпадение?”:
— https://lab.sys-adm.in/ru/blog/implicit-ban-bld-author
/ VMware vRealize Log Insight Directory Traversal Vulnerability
https://www.vmware.com/security/advisories/VMSA-2023-0001.html
https://www.vmware.com/security/advisories/VMSA-2023-0001.html
/ Pwning the all Google phone with a non-Google bug
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug/
The GitHub Blog
Pwning the all Google phone with a non-Google bug
It turns out that the first “all Google” phone includes a non-Google bug. Learn about the details of CVE-2022-38181, a vulnerability in the Arm Mali GPU. Join me on my journey through reporting the vulnerability to the Android security team, and the exploit…
Бесплатный курс "Защита облачной инфраструктуры"
Защита облачной инфраструктуры - 1 час теории и 5 часов практики от архитекторов команды Yandex Cloud где можно будет примерить на себя роль системного администратора интернет-магазина и научиться:
• защищать облачную инфраструктуру от сетевых атак;
• настраивать аутентификацию пользователей с помощью федерации удостоверений;
• создавать систему мониторинга событий безопасности.
Курс подойдёт всем, кто уже работает в облаке или только задумывается об этом, может быть полезен специалистам отвечающим за ИБ компании, инженерам DevOps или SRE и разработчикам, которые интересуются вопросами ИБ
Детали здесь
Защита облачной инфраструктуры - 1 час теории и 5 часов практики от архитекторов команды Yandex Cloud где можно будет примерить на себя роль системного администратора интернет-магазина и научиться:
• защищать облачную инфраструктуру от сетевых атак;
• настраивать аутентификацию пользователей с помощью федерации удостоверений;
• создавать систему мониторинга событий безопасности.
Курс подойдёт всем, кто уже работает в облаке или только задумывается об этом, может быть полезен специалистам отвечающим за ИБ компании, инженерам DevOps или SRE и разработчикам, которые интересуются вопросами ИБ
Детали здесь