Sys-Admin InfoSec – Telegram
News of cybersecurity / information security, information technology, data leaks / breaches, cve, hacks, tools, trainings
* Multilingual (En, Ru).
* Forum - forum.sys-adm.in
* Chat - @sysadm_in
* Job - @sysadm_in_job
* ? - @sysadminkz
⚠️ Note: All DoT (853) BLD (bld.sys-adm.in) clients (Android) should migrate to A-BLD (a-bld.sys-adm.in)

🔆 Attention. All Android clients of bld.sys-adm.in need to reconfigure secure DNS to a-bld.sys-adm.in!
/ Detecting and decrypting Sliver C2 – a threat hunter’s guide

Sliver is an open-source, cross-platform, and extensible C2 framework. It’s written primarily in Go, making it fast, portable, and easy to customize. This versatility makes it a popular choice among red teams for adversary emulation and as a learning tool for security enthusiasts.

The Sliver C2 framework has features catering to both beginner and advanced users. One of its main attractions is the ability to generate dynamic payloads for multiple platforms, such as Windows, Linux, and macOS. These payloads, or “slivers,” provide capabilities like establishing persistence, spawning a shell, and exfiltrating data.

When it comes to communication, Sliver supports a wide range of communication protocols, including HTTP, HTTPS, DNS, TCP, and WireGuard. This ensures that C2 traffic is flexible, stealthy, and can blend in with normal network traffic.

Full article…
2023-threatlabz-phishing-report.pdf
4.2 MB
/ Zscaler ThreatLabz 2023 Phishing Report
/ Maintenance release Git v2.40.1 with fixes for many security issues

CVE-2023-25652, CVE-2023-25815, and CVE-2023-29007

https://lkml.org/lkml/2023/4/25/705
Open workshops on DevOps, Linux, Networks and Golang by Rebrain (May schedule)

• May 2 DevOps: Using regular expressions, with log analysis as an example
• May 3 Linux: Virtual interfaces and the data link layer in Linux
• May 4 Networks: Traffic Engineering (TE)
• May 10 Linux: FSTEC for Linux (part 2)
• May 16 DevOps: Introduction to Docker
• May 17 Linux: FSTEC for Linux
• May 18 Networks: Segment Routing (SR)
• May 23 DevOps by Rebrain
• May 24 Linux: Web server certificate
• May 25 Golang by Rebrain
• May 30 DevOps: Encrypting secrets in GitOps
• May 31 Linux: Implementations of routing protocols for Linux

You can join Here
/ Threat Actor Selling New Atomic macOS (AMOS) Stealer on Telegram

https://blog.cyble.com/2023/04/26/threat-actor-selling-new-atomic-macos-amos-stealer-on-telegram/
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
/ Never Connect to RDP Servers Over Untrusted Networks

A demonstration of why connecting using the Remote Desktop Protocol (RDP) must be avoided on untrusted networks such as those in hotels, at conferences, or on public Wi-Fi. Protecting the connection with a VPN or a Remote Desktop Gateway is the only safe alternative:

https://www.gosecure.net/blog/2023/04/26/never-connect-to-rdp-servers-over-untrusted-networks/
/ Elastic Security Labs discovers the LOBSHOT malware

Adversaries continue to abuse and increase reach through malvertising such as Google Ads by impersonating legitimate software.

Deep dive research and protection steps:

https://www.elastic.co/security-labs/elastic-security-labs-discovers-lobshot-malware

🥋 Malware domains already blocked in Sys-Admin BLD DNS
 
OpenBLD - Next Stage to Growth with ClouDNS

GeoDNS and Global Anycast DNS features from ClouDNS - it is a brilliant opportunity for additional OpenBLD Performance and Availability.

Today ClouDNS supported OpenBLD DNS and provided its own features for free:
• Anycast DNS service and Anycast GeoDNS servers
• DDoS Protection
• DNS Failover checks
• EDNS-client-subnet support
• and more...

ClouDNS provides flexible tools for managing services and very affordable pricing plans, and I like it very much.

This can be a key milestone in the development phase of the OpenBLD project; it is the next stage for growth. I have a special domain name for the OpenBLD DNS project, maybe this is "that very moment"...

• You can find all ClouDNS features on the ClouDNS Site
• How to protect yourself and your family with OpenBLD: Here
Open Linux workshop by Rebrain: FSTEC for Linux. Part 2

• May 10 (Wednesday) at 20:00 Moscow time. Details

Program:
• We continue fulfilling the requirements
• What needs to be fixed in the kernel's operation
• What can happen if this is not fixed

Hosted by:
• Andrey Buranov - UNIX systems specialist at VK. More than 7 years of experience with Linux.