sysadm_in_channel | Technologies

Telegram channel sysadm_in_channel - Sys-Admin InfoSec

11965

News of cybersecurity / information security, information technology, data leaks / breaches, cve, hacks, tools, trainings * Multilingual (En, Ru). * Forum - forum.sys-adm.in * Chat - @sysadm_in * Job - @sysadm_in_job * ? - @sysadminkz

Sys-Admin InfoSec

Weaponizing WDAC: Killing the Dreams of EDR

Windows Defender Application Control (WDAC) is a technology introduced with and automatically enabled by default on Windows 10+ and Windows Server 2016+ that allows organizations fine grained control over the executable code that is permitted to run on their Windows machines...:

https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR/

Sys-Admin InfoSec

DeceptionAds — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising

The Fake-Captcha Lumma Stealer Campaign

https://labs.guard.io/deceptionads-fake-captcha-driving-infostealer-infections-and-a-glimpse-to-the-dark-side-of-0c516f4dc0b6

Sys-Admin InfoSec

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows

https://www.cadosecurity.com/blog/meeten-malware-threat

Sys-Admin InfoSec

SpyLoan: A Global Threat Exploiting Social Engineering

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyloan-a-global-threat-exploiting-social-engineering/

Sys-Admin InfoSec

When Guardians Become Predators: How Malware Corrupts the Protectors

https://www.trellix.com/blogs/research/when-guardians-become-predators-how-malware-corrupts-the-protectors/

Sys-Admin InfoSec

CWE Top 25 Most Dangerous Software Weaknesses from MITRE

https://cwe.mitre.org/top25/

- https://cwe.mitre.org/top25/archive/2024/2024_cwe_top25.html

Sys-Admin InfoSec

ModeLeak: Privilege Escalation to LLM Model Exfiltration in Vertex AI

https://unit42.paloaltonetworks.com/privilege-escalation-llm-model-exfil-vertex-ai/

Sys-Admin InfoSec

Prompt Injecting Your Way To Shell: OpenAI's Containerized ChatGPT Environment

https://0din.ai/blog/prompt-injecting-your-way-to-shell-openai-s-containerized-chatgpt-environment

Sys-Admin InfoSec

BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA

https://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/

Sys-Admin InfoSec

🏎 OpenBLD.net – Engine for a Faster Internet

Increased throughput with the newest Gears in the racing engine of OpenBLD.net. Some Gears have been rewritten or built from scratch:

• Synchronous processing of block lists
• Caching of blocking events
• Updated caching system — the log enricher now has its own cache
• Enhanced request processing system
• New health-checking system for upstream servers, with response time detection
• Improved load balancing, routing requests to servers with the lowest response time
• Optimized parallel DNS request handling, delivering the fastest response

I hope these features will help us save valuable time online while the OpenBLD.net system's gears run smoothly under the hood.

What's Gears?

Gears are the components of the OpenBLD.net system that help to customize online experiences.

If you notice any “engine misfires,” please let me know. I’m always open to constructive feedback.

Wishing everyone a safe journey across the internet! ✌️

Sys-Admin InfoSec

Hacker Leaks Employee Data from Amazon, McDonald’s, HSBC, HP, and Potentially 1000+ Other Companies

https://www.infostealers.com/article/massive-moveit-vulnerability-breach-hacker-leaks-employee-data-from-amazon-mcdonalds-hsbc-hp-and-potentially-1000-other-companies/

Sys-Admin InfoSec

SpyNote: Unmasking a Sophisticated Android Malware

This version of SpyNote is being distributed as a fake Avast antivirus (Avastavv.apk) for the Android platform on a phishing site..:

https://www.cyfirma.com/research/spynote-unmasking-a-sophisticated-android-malware/

Sys-Admin InfoSec

Malicious Python Package Typosquats Popular 'fabric' SSH Library, Exfiltrates AWS Credentials

https://socket.dev/blog/malicious-python-package-typosquats-fabric-ssh-library

Sys-Admin InfoSec

Threat Campaign Spreads Winos4.0 Through Game Application

https://www.fortinet.com/blog/threat-research/threat-campaign-spreads-winos4-through-game-application

Sys-Admin InfoSec

qBittorrent fixes flaw exposing users to MitM attacks for 14 years

https://www.bleepingcomputer.com/news/security/qbittorrent-fixes-flaw-exposing-users-to-mitm-attacks-for-14-years/

Sys-Admin InfoSec

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

https://gbhackers.com/pentestgpt/

Sys-Admin InfoSec

Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

https://www.sentinelone.com/labs/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure-via-visual-studio-code-tunnels/

Sys-Admin InfoSec

LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux

https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux

Sys-Admin InfoSec

IT workers masquerade as individuals from different countries to perform legitimate IT work and hack employers. Focus areas are:

- Stealing money or cryptocurrency
- Stealing information pertaining to weapons systems, sanctions information, and policy-related decisions
- Performing IT work to generate revenue to help fund various activities

About masquerading, social engineering, and more:

https://www.microsoft.com/en-us/security/blog/2024/11/22/microsoft-shares-latest-intelligence-on-north-korean-and-chinese-threat-actors-at-cyberwarcon/

Sys-Admin InfoSec

2000+ Palo Alto Firewalls Hacked Exploiting New Vulnerabilities

https://cybersecuritynews.com/2000-palo-alto-firewalls-hacked/

Sys-Admin InfoSec

Ghost Tap: New cash-out tactic with NFC Relay

https://www.threatfabric.com/blogs/ghost-tap-new-cash-out-tactic-with-nfc-relay

Sys-Admin InfoSec

Malicious Facebook Ad Campaign Targeting Bitwarden Users

https://www.bitdefender.com/en-us/blog/labs/inside-bitdefender-labs-investigation-of-a-malicious-facebook-ad-campaign-targeting-bitwarden-users

Sys-Admin InfoSec

8 Free CyberSec & Networking Courses From Cisco

It may be useful to refresh your knowledge or learn something new:

1 Ethical Hacker
2 Junior Cybersecurity Analyst
3 Endpoint Security
4 Cyber Threat Management
5 Introduction to Cybersecurity
6 Network Defense
7 Network Addressing and Basic Troubleshooting
8 Networking Essentials

Sys-Admin InfoSec

Stealthy Attributes of APT Lazarus: Evading Detection with Extended Attributes

https://www.group-ib.com/blog/stealthy-attributes-of-apt-lazarus/

Sys-Admin InfoSec

APT Actors Embed Malware within macOS Flutter Applications

https://www.jamf.com/blog/jamf-threat-labs-apt-actors-embed-malware-within-macos-flutter-applications/

Sys-Admin InfoSec

Attackers Abuse DocuSign API to Send Authentic-Looking Invoices At Scale

https://lab.wallarm.com/attackers-abuse-docusign-api-to-send-authentic-looking-invoices-at-scale/

Sys-Admin InfoSec

There is a chance to get a Linux Foundation course/certification for free (and the price tags there are considerable); there is still time until the end of the week. Reposting it here just in case.

/channel/sysadm_in_up/2272

Sys-Admin InfoSec

Mister Maloy is a hip-hop legend, the author of many hits, and an acquaintance of mine. Known for the all-time top track "Буду пАгибать мАлодым", he has created a new top track, "Войти в АЙТИ" ("Getting into IT"). I can't let this pass, and with joy and pride I congratulate him and present the track to everyone.

How to get yourself a python and get into IT can be learned from the official track presented on Mister Maloy's channel:

- https://vk.com/wall19030619_10826

Enjoy, everyone! ✌️

P.S. For those who don't know: everything about Mister Maloy is on the official site mistermaloy.com

Sys-Admin InfoSec

RISK:STATION, an unauthenticated zero-click vulnerability allowing attackers to obtain root-level code execution on the popular Synology DiskStation and BeeStation NAS devices, affecting millions of devices

https://www.midnightblue.nl/research/riskstation

Sys-Admin InfoSec

Storm-0940 uses credentials from password spray attacks from a covert network

https://www.forbes.com/sites/zakdoffman/2024/10/30/warning-for-14-billion-microsoft-windows-10-windows-11-users-get-free-upgrade/
