/ QNAP OS command injection vulnerability
Vulnerability in QTS, QuTS hero and QuTScloud (high):
https://www.qnap.com/en/security-advisory/qsa-23-47
QNAP Systems, Inc. - Network Attached Storage (NAS)
Vulnerability in QTS, QuTS hero and QuTScloud - Security Advisory
QNAP designs and delivers high-quality network attached storage (NAS) and professional network video recorder (NVR) solutions to users from home, SOHO to small, medium businesses.
/ SmartScreen Vulnerability CVE-2023-36025 - Exploring the Latest Mispadu Stealer Variant
https://unit42.paloaltonetworks.com/mispadu-infostealer-variant/
Unit 42
Exploring the Latest Mispadu Stealer Variant
Evaluation of a new variant of Mispadu, a banking Trojan, highlights how infostealers evolve over time and can be hard to pin to past campaigns.
/ ResumeLooters gang infects websites with XSS scripts and SQL injections to vacuum up job seekers' personal data and CVs
https://www.group-ib.com/blog/resumelooters/
Group-IB
Dead-end job: ResumeLooters infect websites in APAC through SQL injection and XSS attacks
/ Critical Security Issue Affecting TeamCity On-Premises (CVE-2024-23917)
https://blog.jetbrains.com/teamcity/2024/02/critical-security-issue-affecting-teamcity-on-premises-cve-2024-23917/
📢 Linux by Rebrain open workshop: RAID arrays 2
• February 12 (Monday), 20:00 MSK
Program:
• Why is clearing mdadm metadata needed?
• How to move data from a regular disk to RAID1?
• How to tell whether a disk was part of an mdadm RAID array?
• How to get data from a RAID1 disk?
• Growing the size of a RAID array
↘ Details
Hosted by:
Andrey Buranov – System administrator at VK Play. 10+ years of experience with Linux. 8+ years of teaching experience.
/ Fake LastPass in AppStore
Official warning:
https://blog.lastpass.com/2024/02/warning-fraudulent-app-impersonating-lastpass-currently-available-in-apple-app-store/
Lastpass
Warning: Fraudulent App Impersonating LastPass Currently Available in Apple App Store - The LastPass Blog
UPDATE The fraudulent app was removed from the Apple App Store on February 8. We will continue to monitor for fraudulent applications and take appropriate action as necessary.
/ After a tip, ExpressVPN acts swiftly to protect customers
ExpressVPN disclosure: VPN users' browsing data..
https://www.expressvpn.com/blog/windows-app-dns-requests/
ExpressVPN Blog
Split-Tunneling Fix on Our App for Windows | ExpressVPN Blog
We've deployed a fix to our Version 12 app for Windows after receiving a tip about how the app handles DNS requests when split tunneling is enabled.
/ Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day
https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html
Internet Shortcut Files Security Feature Bypass Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412
Trend Micro
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by…
/ Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
https://www.aquasec.com/blog/snap-trap-the-hidden-dangers-within-ubuntus-package-suggestion-system/
Aqua
Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
Aqua Nautilus researchers have identified a security issue that arises from the interaction between Ubuntu's command-not-found package and the snap package repository.
📢 DevOps by Rebrain open workshop: Working with the DevOps team backlog
Time:
• February 20 (Tuesday), 19:00 MSK
Program:
• Building the team's backlog process
• An approach to end-to-end task prioritization
• Deadline control
↘ Details
Hosted by:
• Alexander Krylov – More than 7 years of DevOps experience. Conference speaker: DevOps conf, TeamLead conf, Highload conf. Author of the Haproxy course at Rebrain.
/ New WiFi Authentication Vulnerabilities Discovered
One vulnerability affects Android, ChromeOS and Linux devices connecting to enterprise WiFi networks, another affects home WiFi using a Linux device as a wireless access point:
https://www.top10vpn.com/research/wifi-vulnerabilities/
Top10Vpn
New WiFi Authentication Vulnerabilities Discovered
Two new WiFi vulnerabilities allow hackers to trick you into connecting to fake hotspots and steal your data, and join secure networks without the password.
/ Serious Vulnerability in the Internet Infrastructure: Fundamental design flaw in DNSSEC discovered
https://www.athene-center.de/en/news/press/key-trap
/ New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
https://www.bitdefender.com/blog/labs/new-macos-backdoor-written-in-rust-shows-possible-link-with-windows-ransomware-group/
Bitdefender Labs
New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
UPDATE:
Following our initial release, we have been contacted by our fellow researchers at Jamf who were able to identify three more samples that act like first-stage payloads.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
A new malicious campaign, researched by Proofpoint researchers, was detected integrating credential phishing and cloud account takeover (ATO) techniques...
This campaign contains multiple endpoints, which also included domains used as malicious infrastructure...
So, all malicious infrastructure domains were sent to the OpenBLD.net ecosystem
Be safe and be focused, my friends
📢 VDSina presents a new hosting project on VDSina.com
With servers based on the latest AMD EPYC processors. Processor frequency 3.55 GHz. Triple redundant NVMe storage. Internet port speed 10 Gbit/sec. Data center located in the Netherlands.
Some of the services from lab.sys-adm.in use this VPS hosting for their own needs (such as the Chat Prettier, Masha Banhammer or Get Telegram IDs Telegram bots). Prices start from 0.16$ per day, which is great for VPN, websites, Telegram bots and other needs...
You can see more details on the official VDSina.com site
/ Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor)
- Infection Chain
- Technical analysis: Kazuar (DotNET) and Pelmeni Wrapper (Wrapper DLL)
- IoC's
https://lab52.io/blog/pelmeni-wrapper-new-wrapper-of-kazuar-turla-backdoor/
📢 Linux by Rebrain open workshop: bash
Time:
• February 28 (Wednesday), 20:00 MSK
Program:
• What a command shell is
• Bash - a convenient tool for working in Linux
• External and built-in commands
• Standard I/O streams
• Order of command interpretation
↘ Details
Hosted by:
Andrey Buranov – System administrator in the VK Play department. 10+ years of experience with Linux.
/ SSH-Snake: Automatic traversal of networks using SSH private keys
SSH-Snake performs three basic tasks:
- On the current system, find any SSH private keys,
- On the current system, find any hosts or destinations (user@host) that the private keys may be accepted on,
- Attempt to SSH into all of the discovered destinations using all of the private keys discovered.
https://joshua.hu/ssh-snake-ssh-network-traversal-discover-ssh-private-keys-network-graph
Forwarded from Sys-Admin Up (Yevgeniy Goncharov)
/ OpenBLD.net PDP Beta Program Announce
Personal DoH Profiling (PDP), a new service that provides:
- Complete isolation of your DNS requests, ensuring that no one can track your online activity.
- Personalized DNS settings, so you can block ads, malicious websites, and other unwanted content.
- Robust security with DNSSEC, TLSv1.2, and TLSv1.3.
- Self Allow/Block lists controls and more...
Details: https://news.1rj.ru/str/openbld/56
Telegram
OpenBLD.net
📢 Take Control of Your Privacy! Join the OpenBLD.net PDP Beta! 😡
Do you want to protect your online privacy and the privacy of your family? Join the beta for OpenBLD.net Personal DoH Profiling (PDP), a new service that provides:
🔹 Complete isolation of…
/ Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204
https://www.bitdefender.com/blog/labs/details-on-apples-shortcuts-vulnerability-a-deep-dive-into-cve-2024-23204/
Bitdefender Labs
Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204
CVE-2024-23204 sheds light on the critical importance of continuous security vigilance.