Sys-Admin InfoSec – Telegram
Sys-Admin InfoSec
@sysadm_in_channel
12.7K subscribers
235 photos
2 videos
103 files
4.54K links
News of cybersecurity / information security, information technology, data leaks / breaches, cve, hacks, tools, trainings
* Multilingual (En, Ru).
* Forum - forum.sys-adm.in
* Chat - @sysadm_in
* Job - @sysadm_in_job
* ? - @sysadminkz
Download Telegram
About
Blog
Apps
Platform
Join
Sys-Admin InfoSec
12.7K subscribers
Sys-Admin InfoSec
Открытый практикум Networks by Rebrain: Основы построения Wi-Fi сетей
 
• 22 Июня (Четверг), 20:00 по МСК. Детали

Программа:
• Физические основы передачи радиосигналов
• Планирование и развёртывание WLAN
• Расширенная настройка точек доступа и радиомостов
• Тестирование производительности и защита от атак

Ведет:
• Ольга Яновская – Ph.D. in Information Technology. Cisco NetAcad Instructor/Instructor-Trainer. Ведущий сетевой инженер.
2.14K views
Sys-Admin InfoSec
/ Introducing AzDetectSuite

— Read on MS Tech Community
TECHCOMMUNITY.MICROSOFT.COM
Detection Engineering in Azure & Introducing AzDetectSuite | Microsoft Community Hub
The AzDetectSuite is an open source project geared towards helping secure environments within Azure by utilizing KQL and Azure Monitor alerts. This heavily...
2.09K views
Sys-Admin InfoSec
Open SysConf'23 День Х: 16 сентября (Суббота)
 
Парни и девочки, день Open SysConf'23 встречи - 16 сентября (суббота) 2023.

Подтягиваем ширинки, блузки, гладим шнурки и волосы (у кого есть) и намереваемся на встречу в этот прекрасный и уверен солнечный во всех отношениях день ☀️

Возможно нашей встрече не хватает именно твоего доклада..?

— Форма регистрации докладчика

Место проведения: выбирается. Локация: Казахстан, г.Алматы.

Всем Peace ✌️
8.29K viewsedited  
Sys-Admin InfoSec
/ Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames

https://orca.security/resources/blog/examining-two-xss-vulnerabilities-in-azure-services/
2.49K views
Sys-Admin InfoSec
/ MOVEit Transfer Critical Vulnerability – CVE Pending (June 15, 2023)

Dedcriptions. Mitigation Steps:

https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-15June2023
Progress
MOVEit Transfer Critical Vulnerability – CVE-2023-35708 (June 15, 2023) - Progress Community
Progress has discovered a vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment. If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted…
2.32K views
Sys-Admin InfoSec
/ VMware ESXi Zero-Day Used by Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors

https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass
Google Cloud Blog
VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors | Mandiant…
2.49K views
Sys-Admin InfoSec
/ Mystic Stealer – Evolving “stealth” Malware

Mystic Stealer has begun to establish a stronger foothold in the threat landscape, as evidenced by the rising number of command and control (C2) panels observed in the wild... 50 active command and control (C2) servers, indicating the growing prevalence of this threat..

Denoscriptions. Mitigation steps:

https://www.cyfirma.com/outofband/mystic-stealer-evolving-stealth-malware/
CYFIRMA
Mystic Stealer - Evolving "stealth" Malware - CYFIRMA
EXECUTIVE SUMMARY Information stealers pose an ongoing and dynamic threat to the security of both individuals and organizations. CYFIRMA’s Research...
2.18K views
Sys-Admin InfoSec
/ Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

https://msrc.microsoft.com/blog/2023/06/microsoft-response-to-layer-7-distributed-denial-of-service-ddos-attacks/
2.22K views
Sys-Admin InfoSec
/ Massive phishing company with many faked websites

Of course.. which marked in OpenBLD.net DNS :)

https://bolster.ai/blog/brand-impersonation-scam
Bolster AI
Brand Impersonation Campaign Targeting Big Brands
Bolster's threat research team uncovered a widespread brand impersonation scam campaign targeting 100+ clothing, footwear, and apparel brands.
2.45K views
Sys-Admin InfoSec
KazHackStan 2023: 13-15 Сентября
 
Масштабная конфа, где в течении трех дней будет представлена масса полезной инфы из разделов тематик:
• Government & Business - примеры взаимодействия, мастер-классы
• Secure Development - принципы безопасной разработки ПО
• Hacking - окажутся практические навыки и техники хакерства

Все 3 дня будет происходит кибер-битва CyberKumbez, где команды хакеров будут соревноваться за звание лучшей хакерской группы, а также взламывать новейший кибер-полигон

Все детали на сайте: kazhackstan.com
Тизер: https://www.youtube.com/watch?v=3eMuJZ8hN4s
2.76K viewsedited  
Sys-Admin InfoSec
OpenBLD.net DNS - Settings Updation Notice
 
- Who uses DoH/DoT bld.sys-adm.in (will deprecated) please switch to 🚀️️️️ ada.openbld.net
- Change/Update ✨️️️️️️iOS, macOS Profile
- If you are using DNS IP 109.234.39.72 (will deprecated) switch to 46.151.29.15

~~~

• How to EN - https://lab.sys-adm.in/wiki/getting-started/setup
• How to RU - https://lab.sys-adm.in/ru/wiki/getting-started/setup
2.43K views
Sys-Admin InfoSec
Открытый практикум Networks by Rebrain: Дизайн multi-area OSPF
 
• 29 Июня (Четверг, 19:00 МСК). Детали

Программа:
• Преимущества и недостатки разбития OSPF на area
• Принципы работы stub/nssa area в OSPF
• Какие плюсы можно получить и когда стоит применять различные типы area

Ведет:
• Дмитрий Радчук – Team Lead Вконтакте. CCIE x4. Опыт работы с сетями больше 12 лет.
2.38K views
Sys-Admin InfoSec
/ How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover

https://www.descope.com/blog/post/noauth
Descope
nOAuth: How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover
This blog will cover an authentication implementation flaw Descope discovered in Microsoft Azure AD OAuth applications that, when exploited, could lead to full account takeover.
2.27K views
Sys-Admin InfoSec
/ IoT devices and Linux-based systems targeted by OpenSSH trojan campaign

https://www.microsoft.com/en-us/security/blog/2023/06/22/iot-devices-and-linux-based-systems-targeted-by-openssh-trojan-campaign/
Microsoft News
IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Microsoft discovered an attack using a patched version of OpenSSH to take control of impacted devices and install cryptomining malware.
2.58K views
Sys-Admin InfoSec
/ Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware

https://labs.jumpsec.com/advisory-idor-in-microsoft-teams-allows-for-external-tenants-to-introduce-malware/
JUMPSEC Labs
Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware
TL;DR
2.99K views
Sys-Admin InfoSec
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
BlackLotus Mitigation Guide from NSA

https://media.defense.gov/2023/Jun/22/2003245723/-1/-1/0/CSI_BlackLotus_Mitigation_Guide.PDF
2.16K views
Sys-Admin InfoSec
/ FortiNAC - Execute unauthorized code or commands

https://www.fortiguard.com/psirt/FG-IR-23-074
FortiGuard Labs
PSIRT | FortiGuard Labs
None
2.25K views
Sys-Admin InfoSec
/ Trojanized Super Mario Game Installer Spreads SupremeBot Malware

https://blog.cyble.com/2023/06/23/trojanized-super-mario-game-installer-spreads-supremebot-malware/

P.S. IOC domain added to OpenBLD.net DNS
2.38K views
Sys-Admin InfoSec
/ Apple fixes three actively exploited vulnerabilities

Apple has released security updates for several products to address a set of flaws that it says are being actively exploited:

https://www.malwarebytes.com/blog/news/2023/06/update-now-apple-fixes-three-actively-exploited-vulnerabilities
Malwarebytes
Update now! Apple fixes three actively exploited vulnerabilities
Apple has released security updates for several products to address a set of flaws it said were being actively exploited.
2.26K views
Sys-Admin InfoSec
/ Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads

https://www.bitdefender.com/blog/businessinsights/unpacking-rdstealer-an-exfiltration-malware-targeting-rdp-workloads/
Bitdefender Blog
Unpacking RDStealer: An Exfiltration Malware Targeting RDP Workloads
In June 2023, Bitdefender Labs published a research paper about espionage operation in East Asia.
2.21K views
Sys-Admin InfoSec
CFP на OFFZONE (август 24-25)

Call For Papers для тех, кто горит желанием поделиться практическим опытом или рассказать о новом исследовании 24-25 августа на OFFZONE. Форматы выступлений:
- Talk — 45 минут,
- Short talk — 15 минут

Конечно же проходки на конфу и Speaker party (вечеринка с другими спикерам), фирменный мерч, и другие плюшки идут бонусом. Узнать о правилах и подать заявку можно на странице CFP
2.29K views