/ Your photos can hear you. AI and machine learning help researchers get audio from still images and silent videos
https://news.northeastern.edu/2023/09/25/audio-recovery-still-images-silent-videos/
https://news.northeastern.edu/2023/09/25/audio-recovery-still-images-silent-videos/
Northeastern Global News
Your photos can hear you. AI and machine learning help researchers get audio from still images and silent videos
Using a machine learning assisted tool called Side Eye, researchers can extract audio from photos and muted videos like TikToks.
/ Surprise: When Dependabot Contributes Malicious Code
https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
https://checkmarx.com/blog/surprise-when-dependabot-contributes-malicious-code/
Checkmarx
Surprise: When Dependabot Contributes Malicious Code
In July 2023, our scanners detected nontypical commits to hundreds of GitHub repositories appear to be contributed by Dependabot and carrying malicious code.
/ (0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-23-1469/
https://www.zerodayinitiative.com/advisories/ZDI-23-1469/
Zerodayinitiative
ZDI-23-1469
(0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
Открытый практикум DevOps by Rebrain: DevOps maturity matrix in product
• 3 Октября (Вторник) 19:00 МСК. Детали
Программа:
• Концепт DevOps maturity matrix
• Этапы внедрения maturity matrix
Ведёт:
• Александр Крылов - Опыт работы в DevOps более 7 лет. Постоянный спикер конференций: DevOps conf, TeamLead conf, Highload conf. Автор практикума по Haproxy на Rebrain.
• 3 Октября (Вторник) 19:00 МСК. Детали
Программа:
• Концепт DevOps maturity matrix
• Этапы внедрения maturity matrix
Ведёт:
• Александр Крылов - Опыт работы в DevOps более 7 лет. Постоянный спикер конференций: DevOps conf, TeamLead conf, Highload conf. Автор практикума по Haproxy на Rebrain.
/ MS Teams external participant splash screen bypass
-- https://badoption.eu/blog/2023/09/27/teams4.html
-- https://badoption.eu/blog/2023/09/27/teams4.html
BadOption.eu
Teams external participant splash screen bypass
Teams external participant splash screen bypass Today I was preparing some demonstration on Teams phishing and was baffled, as Microsoft finaly after almost 2 years fixed an important vector. The group chat now also shows a big splash screen warning the user…
/ The Marvin RSA Attack
..is a return of a 25 year old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key..:
https://people.redhat.com/~hkario/marvin/
..is a return of a 25 year old vulnerability that allows performing RSA decryption and signing operations as an attacker with the ability to observe only the time of the decryption operation performed with the private key..:
https://people.redhat.com/~hkario/marvin/
Redhat
The Marvin Attack
The Marvin Attack is a return of a timing variant of a 25-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.
/ ZenRAT: Malware Brings More Chaos Than Calm
..a new malware called ZenRAT being distributed via fake installation packages of the password manager Bitwarden..:
https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm
..a new malware called ZenRAT being distributed via fake installation packages of the password manager Bitwarden..:
https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm
Proofpoint
ZenRAT: Malware Brings More Chaos Than Calm | Proofpoint US
Key Takeaways Proofpoint identified a new malware called ZenRAT being distributed via fake installation packages of the password manager Bitwarden. The malware is specifically
Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends
Report from FBI:
-- https://www.ic3.gov/Media/News/2023/230928.pdf
Report from FBI:
-- https://www.ic3.gov/Media/News/2023/230928.pdf
Canonical Temporary Suspends Snap Store after found potentially malicious snaps
-- https://forum.snapcraft.io/t/temporary-suspension-of-automatic-snap-registration-following-security-incident/37077
-- https://forum.snapcraft.io/t/temporary-suspension-of-automatic-snap-registration-following-security-incident/37077
snapcraft.io
Temporary suspension of automatic snap registration following security incident
On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps. As a consequence of these reports, the Snap Store team has immediately taken…
/ Six 0day exploits were filed against Exim
-- https://lists.exim.org/lurker/message/20231001.165119.aa8c29f9.en.html
-- https://lists.exim.org/lurker/message/20231001.165119.aa8c29f9.en.html
/ Using Cloudflare To Bypass Cloudflare
Cloudflare customer-configured protection mechanisms (e.g., Firewall, DDoS prevention) for websites can be bypassed due to gaps in cross-tenant security controls, potentially exposing customers to attacks Cloudflare is supposed to prevent. Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers websites, rendering the protection mechanism ineffective..:
-- https://certitude.consulting/blog/en/using-cloudflare-to-bypass-cloudflare/
Cloudflare customer-configured protection mechanisms (e.g., Firewall, DDoS prevention) for websites can be bypassed due to gaps in cross-tenant security controls, potentially exposing customers to attacks Cloudflare is supposed to prevent. Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers websites, rendering the protection mechanism ineffective..:
-- https://certitude.consulting/blog/en/using-cloudflare-to-bypass-cloudflare/
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
🚀 Как достигать своих целей с Live Driving (c)
Например: "Выспаться", "Выучить английский", "Запустить свой проект", "Быть счастливым" - все эти цели вполне осуществимы, я бы сказал, что они жизненно важны.
Тем не менее, руки не доходят до собственных проектов, а счастье кажется где-то в далеком "светлом" будущем, которое может и не наступить.
Оглядись вокруг - мы уже в нужном месте, в нужное время, прямо здесь и сейчас. Все уже случилось!
😎 Некоторое время назад я создал свою точку опоры для достижения целей, которую назвал Live Driving - посредник между человеком и окружающим миром на пути к достижению целей.
Мы встречались 29 октября в Алматы - было здорово, как и всегда на наших встречах. Также есть мысль о встрече в Астане.
🔻 Кто хочет получить позитив, добро пожаловать - заполните форму участия в Live Driving.
Например: "Выспаться", "Выучить английский", "Запустить свой проект", "Быть счастливым" - все эти цели вполне осуществимы, я бы сказал, что они жизненно важны.
Тем не менее, руки не доходят до собственных проектов, а счастье кажется где-то в далеком "светлом" будущем, которое может и не наступить.
Оглядись вокруг - мы уже в нужном месте, в нужное время, прямо здесь и сейчас. Все уже случилось!
Мы встречались 29 октября в Алматы - было здорово, как и всегда на наших встречах. Также есть мысль о встрече в Астане.
Please open Telegram to view this post
VIEW IN TELEGRAM
/ Malicious Packages Hidden in NPM
Affected platforms: All platforms where NPM packages can be installed..:
-- https://www.fortinet.com/blog/threat-research/malicious-packages-hiddin-in-npm
Affected platforms: All platforms where NPM packages can be installed..:
-- https://www.fortinet.com/blog/threat-research/malicious-packages-hiddin-in-npm
Fortinet Blog
Malicious Packages Hidden in NPM
FortiGuard Labs investigates several malicious packages hidden in NPM and provides an overview of these packages, grouping them on similar styles of code or functions. Learn more.…
/ Detecting human-operated ransomware attacks with Microsoft 365 Defender
-- https://learn.microsoft.com/en-us/microsoft-365/security/defender/playbook-detecting-ransomware-m365-defender?view=o365-worldwide
-- https://learn.microsoft.com/en-us/microsoft-365/security/defender/playbook-detecting-ransomware-m365-defender?view=o365-worldwide
Docs
Detecting human-operated ransomware attacks with Microsoft Defender XDR - Microsoft Defender XDR
This article describes proactive detection of new or ongoing human-operated ransomware attacks with the Microsoft Defender portal
/ Binarly REsearch Uncovers Major Vulnerabilities in Supermicro BMCs
..Vulnerabilities can be exploited by unauthenticated remote attackers and could result in obtaining the root of the BMC system:
https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/
..Vulnerabilities can be exploited by unauthenticated remote attackers and could result in obtaining the root of the BMC system:
https://binarly.io/posts/Binarly_REsearch_Uncovers_Major_Vulnerabilities_in_Supermicro_BMCs/
www.binarly.io
Binarly REsearch Uncovers Major Vulnerabilities in Supermicro BMCs
Uncover Major Vulnerabilities in Supermicro BMCs. Dive into hidden attack surfaces and exploits found by BINARLY REsearch in Supermicro BMC IPMI firmware.
/ EvilProxy Phishing Attack Strikes Indeed
MS 365 Phishing..:
https//www.menlosecurity.com/blog/evilproxy-phishing-attack-strikes-indeed/
MS 365 Phishing..:
https//www.menlosecurity.com/blog/evilproxy-phishing-attack-strikes-indeed/
Menlosecurity
EvilProxy Phishing Attack Strikes Indeed - Blog | Menlo Security
Menlo Labs identified a phishing campaign exploiting an open redirection vulnerability on job search platform Indeed.
Открытый практикум Networks by Rebrain: Дебаг VoIP в сетях передачи данных
• 12 Октября (Четверг) 19:00 МСК. Детали
Программа:
• Как устанавливается сессия в SIP
• Как дебажить SIP сообщения с помощью CLI Asterisk/FreeSWITCH
• Работа диагностических утилит tcpdump, sngrep, wireshark и sip3
• Как дебажить RTP. Разбор рядовых проблем
Ведёт:
• Роман Сыртланов – VoIP инженер. Опыт работы с VoIP 7 лет. Работает с Asterisk/FreeSWITCH/Kamailio
• 12 Октября (Четверг) 19:00 МСК. Детали
Программа:
• Как устанавливается сессия в SIP
• Как дебажить SIP сообщения с помощью CLI Asterisk/FreeSWITCH
• Работа диагностических утилит tcpdump, sngrep, wireshark и sip3
• Как дебажить RTP. Разбор рядовых проблем
Ведёт:
• Роман Сыртланов – VoIP инженер. Опыт работы с VoIP 7 лет. Работает с Asterisk/FreeSWITCH/Kamailio
/ About the security content of iOS 17.0.3 and iPadOS 17.0.3
Impact: A local attacker may be able to elevate their privileges.
https://support.apple.com/en-us/HT213961
Impact: A local attacker may be able to elevate their privileges.
https://support.apple.com/en-us/HT213961
Apple Support
About the security content of iOS 17.0.3 and iPadOS 17.0.3
This document describes the security content of iOS 17.0.3 and iPadOS 17.0.3.
/ 1.1.1.1 lookup failures on October 4th, 2023
https//blog.cloudflare.com/1-1-1-1-lookup-failures-on-october-4th-2023/
https//blog.cloudflare.com/1-1-1-1-lookup-failures-on-october-4th-2023/
The Cloudflare Blog
1.1.1.1 lookup failures on October 4, 2023
On 4 October 2023, Cloudflare experienced DNS resolution problems. Some users may have received SERVFAIL DNS responses to valid queries. In this blog, we’re going to talk about what the failure was, why it occurred, and what we’re doing to make sure this…
/ NSA and CISA Advise on Top Ten Cybersecurity Misconfigurations
https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF
https://media.defense.gov/2023/Oct/05/2003314578/-1/-1/0/JOINT_CSA_TOP_TEN_MISCONFIGURATIONS_TLP-CLEAR.PDF