This channel posts IT security related topics and especially alerts. Submissions over at @itsectalk welcome!
⚠️ 2.2 Million infected CCleaner installations! Check if your clients have CCleaner installed. (Severity: 🔸 high) Further Information:
on Forbes http://yt.gl/s2x0c and on talos http://yt.gl/0h0hc
#severityhigh #malware #alert #ccleaner
Thanks to the submission by WALK3R to https://infected.io/alert-submission 🙌🏼
Feel free to forward this to your internal IT admins... 😇
⚠️ Apache Struts remote code execution vulnerability! CVSSv3 Base Score 8.1 (Severity: 🔸 high) Further Information: http://yt.gl/8rnd1
#severityhigh #vulnerability #alert #apache #struts
Thanks to the anonymous report via https://infected.io/alert-submission
⚠️ Intel AMT Privilege Escalation vulnerability. It's affecting almost all FW versions. Rating is "Critical" with a CVSS of 9.8 for one vulnerability. (Severity: 🔶high) Further Info: http://yt.gl/ybyg1
#severityhigh #vulnerability #alert #intel #amt
Forward this to your internal IT. Often Intel AMT is featured by most computers - even though you might have never heard of it.
⚠️ Confluence Wiki has a critical vulnerability allowing unauthorized users to access your pages. Affected: Versions above 6.0.0 - fixed in 6.0.7 and 6.1.0 (Severity: 🔸 high) Further Information: http://yt.gl/4rvuv
#alert #severityhigh #vulnerability #atlassian #confluence #wiki
📬 Forward this to your sysadmin friends and help them protect their data! Join our discussion group at /channel/itsectalk @itsectalk ✉️
⚠️ Imagemagick DoS/Possible RCE vulnerabilities. Updates released on debian/suse. (Severity: 🔸high) Further Information: https://lists.debian.org/debian-security-announce/2017/msg00052.html
#alert #vulnerability #severityhigh #imagemagick #imageprocessing
Join our discussion group at /channel/itsectalk @itsectalk and feel free to forward this message to your fellow sysadmins! ✉️ Thanks to Univaniwo for reporting this.
⚠️ Important Oracle Java updates fixing CVSS 9.6+ vulnerabilities out! Update your clients ASAP! (Severity: 🔸high) Further Information: http://yt.gl/javasejan
#alert #severityhigh #vulnerability #java #oracle
Don't forget to join our new telegram group at /channel/itsectalk @itsectalk if you want to discuss this vulnerability.
🔕 Hi everyone! First of all I want to thank you for casting your vote - you are a really helpful audience 🙌🏼 Second: we are about to say goodbye to 2016. IT Security has been important as never before and it's a sector which will keep growing for quite some time. Our job? Attackers are advancing and so are we. Real time alerts about vulnerabilities have never been so important as now.
We hope that our contributions helped keeping your systems and company secure. We also want to take the chance to wish you a great year 2k17 🎉.
Over n' out, your @itsecguy 👀
PS. The group will be announced separately within the next days.
Are you affected by this PHP related vulnerability? (This helps us creating relevant content for this channel!)
⚠️ Firefox 0-day. Affects recent versions including ESR. Code execution vulnerability. (Severity: 🔸high) Further information: https://www.wordfence.com/blog/2016/11/emergency-bulletin-firefox-0-day-wild/
#alert #severityhigh #vulnerability #browser #firefox
⚠️ GNU tar extract pathname bypass CVE-2016-6321: enables file and directory overwrite attacks against the user
or system by using a crafted tar archive. In the worst-case scenario this vulnerability can lead to a full
system compromise (remote code execution as root). (severity: 🔷 low) Further Info: http://mcaf.ee/p46bzw
* GNU tar maintainer didn't consider this to be an issue. As a result, mitigation in upstream GNU tar appears unlikely.
#severitylow #linux
Are you affected by this Linux Kernel vulnerability? (This helps us creating relevant content for this channel!)
Are you using BIND? (Voting helps us creating relevant content for this channel)
📬 Letterbox dropping is a thing! Wouldn't this be an excellent day to warn your users? 👍🏼 Australian police reported cases of malware infected USB sticks being dropped in letterboxes. Further Info: http://yt.gl/lbdrop
#socialengineering #reminder #letterboxdropping
Feel free to forward this to the person in charge of compliance 🚨
⚠️ Microsoft Exchange Remote Vulnerability. Patches available! (severity: 🔸high) Further Information: http://yt.gl/16108
👾 Forward this message to your Exchange admins - they'll thank you later!
#alert #vulnerability #severityhigh #microsoft #exchange #rce
(Thanks so much to Rel for reporting these, write your mail address into that form next time so we can discuss!)
❗️ FossHub downloads have been compromised. You should delete any installers from there. Further information: http://news.softpedia.com/news/hacker-compromises-fosshub-to-distribute-mbr-hijacking-malware-506932.shtml
#compromise #fosshub
Thanks to Rel (as usual) for reporting this through https://infected.io/telegram-submission
⚠️ Python - malicious packages found. Ensure that you have the correct libraries and no affected ones installed on your systems! (No severity rating from our side). Further information: http://yt.gl/4uy72
#vulnerability #alert #python #pip
Please forward this to your sysadmins. Feel free to join our IT Security Telegram Group as well: /channel/itsectalk 🏅
🔕 This channel is not dead. Please remember to report vulnerabilities via https://infected.io/alert-submission and discuss them in @itsectalk so we know they are relevant for people!
Over n' out.
⚠️ℹ️ Hipchat (hosted) is also affected. Mail addresses and some other information have been accessed by an attacker. *INFO* Right now the download pages seem to be down and there are several outages in the Atlassian ecosystem. Check out http://yt.gl/n7mug and the status page at http://status.atlassian.com/
#alert #severityhigh #databreach #hacked #atlassian #hipchat #confluence #wiki #chat
📬 Forward this to your sysadmin friends and help them protect their data! Join our discussion group at /channel/itsectalk @itsectalk ✉️
⚠️ WordPress fixes 6 possible XSS vulnerabilities and 39 bugs. Please update your installation. (Severity: 🔸high) Further information: https://codex.wordpress.org/Version_4.7.3
#alert #vulnerability #severityhigh #wordpress
Useful to you? It might be useful for your sysadmin friends as well - feel free to forward this message!
⚠️ Cloudflare Memory Leak vulnerability. It's fixed and they're sending out mails to affected customers. Further information: https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
#alert #vulnerability #memoryleak #provider #cloudflare
Discuss this vulnerability in our new telegram group at /channel/itsectalk @itsectalk
🔕 Thanks for voting. We have created a group which you can join and discuss with other ITSEC interested people. Feel free to ask questions and post interesting resources.
➡️ Join here /channel/itsectalk // @itsectalk ⬅️
📲 Please forward this to your sysadmin friends and other people who could profit from the group.
❓ Please excuse this message on our own behalf. We have been asked several times if there is a good chat group about ITSEC on telegram - and there isn't any. Would you be interested in an actual group where you can talk to other ITSEC interested people?
😶 Okay. I would join, but most likely not participate. – 232
👍👍👍👍👍👍👍 48%
😀 That would be great, I would join and participate! – 213
👍👍👍👍👍👍 44%
😒 No. I don't think that's a good idea. Would not join. – 38
👍 8%
👥 483 people voted so far.
⚠️🚨 Extremely critical RCE in PHPMailer! If you got ANY PHP application -> check it ASAP! The POC exploit code is in the wild - we expect large scale attacks trying to abuse this flaw shortly!
(Severity: 🔸high) Further Information: http://yt.gl/phpmailer
#alert #severityhigh #vulnerability #zeroday #php #phpmailer
Thanks for your anonymous reports through https://infected.io/alert-submission - help us and report vulnerabilities which affect the mass!
📲 Forward this to your admin colleagues & friends!
⚠️ MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition : CVE-2016-6663 / OCVE-2016-5616
The vulnerability can allow a local system user with access to the affected
database in the context of a low-privileged account (CREATE/INSERT/SELECT grants)
to escalate their privileges and execute arbitrary code as the database system
user (typically 'mysql').
Successful exploitation would allow an attacker to gain access to all of the
databases stored on the affected database server.
(severity: 🔸 High ) Further Info: http://mcaf.ee/3fgpwd
#severityhigh #linux #MySQL #MariaDB #PerconaDB #alert #patchthis #2016 #warning #privilegeescalation #wedsday
⚠️ Flash critical vulnerability (Update now!) CVE-2016-7855: use-after-free vulnerability that could lead to code execution (severity: 🔸high) Further Info: http://mcaf.ee/jmx65k
#alert #vulnerability #severityhigh #linux #OSX #Windows #Flash #Remote #exploitednow
Please subscribe (and let your sysadmins subscribe) to our email alerts: https://infected.io/e-mail-it-security-alerts - just alerts, no spam.
⚠️ Linux kernel local privilege escalation vulnerability fix CVE-2016-5195: A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (severity: 🔸high) Further Info: http://mcaf.ee/xoyfqr
#alert #vulnerability #severityhigh #linux #kernel #privilegeescalation #exploitednow
Please subscribe (and let your sysadmins subscribe) to our email alerts: https://infected.io/e-mail-it-security-alerts - just alerts, no spam.
⚠️ BIND remote DDOS Vuln. Patches available! (severity: 🔷 medium)
A previously high severity denial-of-service (DoS) vulnerability patched last month
in the popular DNS software BIND has been exploited in the wild to crash systems.
If you haven't, apply the patch!
Further Information: http://mcaf.ee/45b28j
✉️ We recommend forwarding this to your DNS team.
#alert #vulnerability #severitymedium #linux #bind #ddos
⚠️ MySQL - Remote exec, multiple conditions needed - CVE-2016-6662?: The vulnerability affects MySQL servers in all version branches (5.7, 5.6, and 5.5) including the latest versions, and can allow attackers to (remotely) inject malicious settings into MySQL configuration files (my.cnf) leading to critical consequences. (severity: 🔹medium) Further Info: http://yt.gl/mysqle5
#vulnerability #severitymedium #linux #mysql
⚠️ IE9/IE10/IE10 - Microsoft Patches CVE-2016-3351 Zero-Day, Exploited By AdGholas and GooNky Malvertising Groups. (severity: 🔸high) Further Information: https://technet.microsoft.com/en-us/library/security/ms16-104.aspx
#alert #vulnerability #severityhigh #microsoft #internetexplorer #ie
⚠️ Firefox with multiple critical vulnerabilities - updates released. Possibly remote code execution. (Severity: 🔸 high) Further information: https://www.mozilla.org/en-US/security/advisories/
#alert #vulnerability #severityhigh #firefox #browser