Telegram-канал "Sys-Admin Up" — @sysadm_in_up

Sys-Admin Up

18 Apr, 18:03

CSI-DEPLOYING-AI-SYSTEMS-SECURELY.pdf

494.0Кб

Best Practices for Deploying Secure and Resilient AI Systems

from Canadian Centre for Cyber Security

52 0 2

Sys-Admin Up

17 Apr, 13:52

100 web vulnerabilities, categorized into various types.pdf

430.2Кб

Simple categorized list of vulnerability types.

98 0 3

Sys-Admin Up

16 Apr, 20:58

RCE in Telegram review:

https://youtu.be/6JY3uaLSflk?si=T0N-aPa4mKeDAvqy

Remote Code Execution Vulnerability in Telegram

Learn Cybersecurity - Name Your Price Training with John Hammond: https://nameyourpricetraining.com 📧JOIN MY NEWSLETTER ➡ https://jh.live/email 🙏SUPPORT THE CHANNEL ➡ https://jh.live/patreon 🤝 SPONSOR THE CHANNEL ➡ https://jh.live/sponsor 🌎FOLLOW ME EVERYWHERE ➡ https://jh.live/twitter ↔ https://jh...

153 0 4

JetBrains следуя практикам поддержки Open Source, в этом году поддержал OpenBLD.net и меня новой лицензией

JetBrains - это первая компания, которая поддержала мою инициативу на пути создания моих открытых проектов. Такая поддержка, явилась значимой для меня, моей мотивации и движения вперед. Благодаря таким активностям ты понимаешь, что не тратишь время впустую, что не тянешь это все в одну упряжку, есть те, кто понимает тебя, кто поддерживает тебя и твои идеи и это делает тебя еще сильнее и еще ближе на пути достижения поставленных целей и реализации твоих идей.

Это круто, это приятно и это дает возможность двигаться еще дальше, чем ты есть на сегодня.

Всем кто имеет возможность оказывать помощь людям и проектам в их развитии и поддерживает и оказывает - посвящается. Успехов всем нам! Peace ✌️

JetBrains OSS - https://www.jetbrains.com/opensource/

112 0 2

Sys-Admin Up

16 Apr, 13:00

WIFI Credential Dumping

Techniques to retrieve the PSK from a workstation post-compromise (Windows)

https://www.r-tec.net/r-tec-blog-wifi-credential-dumping.html

WIFI Credential Dumping: Techniques to retrieve the PSK from a workstation post-compromise

This blog won't dive into any of the mentioned WIFI attacks, but will highlight techniques to retrieve the PSK from a workstation post-compromise instead.

129 0 2

Sys-Admin Up

16 Apr, 06:41

BatBadBut: You can't securely execute commands on Windows

The root cause of BatBadBut is the overlooked behavior of the CreateProcess function on Windows.

When executing batch files with the CreateProcess function, Windows implicitly spawns cmd.exe because Windows can’t execute batch files without it:

https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows

BatBadBut: You can't securely execute commands on Windows

Introduction Hello, I’m RyotaK ( @ryotkak ), a security engineer at Flatt Security Inc. Recently, I reported multiple vulnerabilities to several programming languages that allowed an attacker to perform command injection on Windows when the specific conditions were satisfied. Today, affected vendors...

173 0 3

Sys-Admin Up

15 Apr, 19:52

CISSP Cheat Sheet Series.pdf

573.1Кб

/ Security & Risk Management (CISSP Cheat Sheet)

Covers a range of key topics:

- Domain 1: Security and Risk Management
- Domain 2: Asset Security
- Domain 3: Security Architecture and Engineering
- Domain 4: Communication and Network Security
- Domain 5: Identity and Access Management
- Domain 6: Security Assessment and Testing
- Domain 7: Security Operations
- Domain 8: Software Development Security

182 0 5

Sys-Admin Up

12 Apr, 20:10

/ How Hackers Can Hijack 2FA Calls with Sneaky Call Forwarding

https://www.404media.co/how-hackers-can-hijack-2fa-calls-with-sneaky-call-forwarding/

How Hackers Can Hijack 2FA Calls with Sneaky Call Forwarding

In a crude but potentially effective attack, a hacker sends a malicious link which quickly sets up call forwarding for a target’s phone number. The result is the interception of 2FA calls, including for Gmail.

187 0 2

Sys-Admin Up

11 Apr, 14:32

New Technique to Trick Developers Detected in an Open Source Supply Chain Attack

https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/

New Technique Detected in an Open Source Supply Chain Attack

In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub's search functionality, and using meticulously crafted repositories to distribute malware.

2.1k 2 6

Sys-Admin Up

11 Apr, 10:46

Branch History Injection and Intra-mode Branch Target Injection / CVE-2022-0001, CVE-2022-0002 / INTEL-SA-00598

https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/branch-history-injection.html

Branch History Injection and Intra-mode Branch Target Injection

Overview and mitigation guidance for Branch History Injection (CVE-2022-0001) and Intra-mode Branch Target Injection (CVE-2022-0002).

195 0 2

Sys-Admin Up

10 Apr, 20:16

/ CVE-2024-3273: D-Link NAS RCE Exploited in the Wild

A remote code execution vulnerability in D-Link NAS devices is actively being exploited and is tracked under CVE-2024-3273. The vulnerability is believed to affect as many as 92,000 devices

https://www.greynoise.io/blog/cve-2024-3273-d-link-nas-rce-exploited-in-the-wild

CVE-2024-3273: D-Link NAS RCE Exploited in the Wild | GreyNoise Blog

Check out this blog to stay informed about a critical remote code execution vulnerability affecting D-Link NAS devices. It is being tracked under CVE-2024-3273 and believed to affect as many as 92,000 devices.

1.6k 2 7

Sys-Admin Up

10 Apr, 15:39

/ Unauthenticated attacker can execute arbitrary code via FortiClientLinux

[FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration. Official advisory:

https://www.fortiguard.com/psirt/FG-IR-23-087

PSIRT | FortiGuard Labs

None

169 0 1

Sys-Admin Up

10 Apr, 11:40

/ Vulnerabilities Identified in LG WebOS

WebOS versions 4 through 7 running on LG TVs. These vulnerabilities let us gain root access on the TV after bypassing the authorization mechanism. Although the vulnerable service is intended for LAN access only, so.. Internet-connected devices, identified over 91,000 devices:

https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

Vulnerabilities Identified in LG WebOS

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities.

1.8k 4 6

Sys-Admin Up

9 Apr, 12:20

Ramsomware 2023-2024 review

Cybercriminal ramsom Russia attacks review:

https://www.facct.ru/blog/ransomware-2023-2024/

Очень грязные дела: обзор преступных групп вымогателей, атаковавших Россию в 2023-2024 году | F.A.C.C.T.

Эксперты F.A.C.C.T. проанализировали активные преступные группы вымогателей, атаковавших российские компании в 2023-2024 гг.

214 0 3

Sys-Admin Up

8 Apr, 20:54

Pingora

Pingora is a Rust framework to build fast, reliable and programmable networked systems from CF

https://github.com/cloudflare/pingora

GitHub - cloudflare/pingora: A library for building fast, reliable and evolvable network services.

A library for building fast, reliable and evolvable network services. - cloudflare/pingora

201 0 2

Sys-Admin Up

8 Apr, 20:50

CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive

https://www.horizon3.ai/attack-research/attack-blogs/cve-2023-48788-fortinet-forticlientems-sql-injection-deep-dive/

CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Deep Dive – Horizon3.ai

CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Deep-Dive and Indicators of Compromise. This blog details the SQL injection which allows an unauthenticated attacker to access the FortiClient EMS server as SYSTEM to execute arbitrary commands.

185 0 4

Sys-Admin Up

8 Apr, 20:49

NativeDump

NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz (SystemInfo, ModuleList and Memory64List Streams).

https://github.com/ricardojoserf/NativeDump

181 0 3

Sys-Admin Up

8 Apr, 11:39

Command Injection and Backdoor Account in D-Link NAS Devices

The described vulnerability affects multiple D-Link NAS devices, including models DNS-340L, DNS-320L, DNS-327L, and DNS-325, among others. The vulnerability lies within the nas_sharing.cgi uri, which is vulnerable due to two main issues: a backdoor facilitated by hardcoded credentials, and a command injection vulnerability via the system parameter..:

https://github.com/netsecfish/dlink?tab=readme-ov-file

GitHub - netsecfish/dlink

Contribute to netsecfish/dlink development by creating an account on GitHub.

1.9k 2 8