Aglaya
Sys-Admin & InfoSec Channel
@sysadm_in_channel
14.6K subscribers
109 photos
2 videos
62 files
2.53K links
Посты/Материалы с ИТ-ресурсов, новости информационной безопасности, информационных технологий, статьи по теме (утечки данных, хаки, тулзы, обучение)
* Our forum - https://forum.sys-adm.in
* Our chat - @sysadm_in
* Job - @sysadm_in_job
* All questions - @
Download Telegram
to view and join the conversation
About
Blog
Apps
Platform
Join
Sys-Admin & InfoSec Channel
14.6K subscribers
Aglaya
Sys-Admin & InfoSec Channel
https://www.infoq.com/news/2021/04/intel-hidden-instructions/
InfoQ
Two Hidden Instructions Discovered in Intel CPUs Enable Microcode Modification
Security researchers Mark Ermolov, Dmitry Sklyarov, and Maxim Goryachy discovered two undocumented x86 instructions that can be used to modify the CPU microcode. The instructions can only be executed when the CPU runs in debug mode, which makes them not easily…
2.6K views
Sys-Admin & InfoSec Channel
Automox Experts Weigh In on June 2021 Microsoft Patch Tuesday Release

Порядка ~50 фиксов, в том числе для активно эксплуатируемых уязвимостей

https://blog.automox.com/automox-experts-weigh-in-june-patch-tuesday-2021

Прямая ссылка:

https://msrc.microsoft.com/update-guide
2.6K viewsedited  
Sys-Admin & InfoSec Channel
PuzzleMaker attacks with Chrome zero-day exploit chain | Securelist
https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/
Securelist
PuzzleMaker attacks with Chrome zero-day exploit chain
We detected a wave of highly targeted attacks that exploited a chain of Google Chrome and Microsoft Windows zero-day exploits.
2.6K views
Sys-Admin & InfoSec Channel
SAP Security Patch Day – June 2021

https://wiki.scn.sap.com/wiki/plugins/servlet/mobile?contentId=578125999#content/view/578125999
2.6K viewsedited  
Sys-Admin & InfoSec Channel
https://alpaca-attack.com/

P.S. thx for link hackervision.org ✌️
2.5K views
Sys-Admin & InfoSec Channel
What is a ransom DDoS attack?

https://www.cloudflare.com/en-gb/learning/ddos/ransom-ddos-attack/
2.5K views
Sys-Admin & InfoSec Channel
Fuzzing the Office Ecosystem

https://research.checkpoint.com/2021/fuzzing-the-office-ecosystem/
Check Point Research
Fuzzing the Office Ecosystem - Check Point Research
Research By: Netanel Ben-Simon and Sagi Tzadik Introduction Microsoft Office is a very commonly used software that can be found on almost any standard computer. It is also integrated inside many products of the Microsoft / Windows ecosystem such as Office…
2.4K viewsedited  
Sys-Admin & InfoSec Channel
Новая масштабная вредоносная кампания нацелена на Kubeflow

https://techcommunity.microsoft.com/t5/azure-security-center/new-large-scale-campaign-targets-kubeflow/ba-p/2425750
TECHCOMMUNITY.MICROSOFT.COM
New large-scale campaign targets Kubeflow
Yossi Weizman Senior Security Research Engineer, Cloud Security Research, ILDC   Last June, we reported on a cryptocurrency mining campaign that targeted Kubeflow workloads. Kubeflow is a popular framework for running machine learning (ML) tasks in Kubernetes…
2.5K viewsedited  
Sys-Admin & InfoSec Channel
Malware research: What’s hidden in a 1.2 TB malware database

https://nordlocker.com/blog/malware-case-study/
Nordlocker
Here’s what custom malware can steal and how it does it.
We analyzed a database containing 6 million files, 25 million credentials, and 2 billion cookies that had been stolen by custom malware. Here are the results.
2.5K viewsedited  
Sys-Admin & InfoSec Channel

Открытые практикумы DevOps и Linux by Rebrain (15 и 16 Июня)

1,5 часа с DevOps-инженером
• Ответы на заранее подготовленные вопросы от сообщества REBRAIN
• Примеры решений
• Ответы на вопросы в режиме Online

15 Июня 19.00 МСК. Регистрация
• Ведет Василий Озеров - Руководит международной командой в рамках своего агентства Fevlake. Более 8 лет занимается DevOps.

Linux, что Вы хотите узнать? / Сессия вопросов-ответов
• Ответы на заранее подготовленные вопросы от сообщества REBRAIN
• Примеры решений
• Ответы на вопросы в режиме Online

16 Июня 20.00 МСК. Регистрация
• Андрей Буранов - Специалист по UNIX-системам в компании Mail.Ru Group. Опыт работы с ОС Linux более 7 лет.
2.8K views
Sys-Admin & InfoSec Channel
Securing the open source supply chain by scanning for package registry credentials | The GitHub Blog
https://github.blog/2021-06-08-securing-open-source-supply-chain-scanning-package-registry-credentials/
The GitHub Blog
Securing the open source supply chain by scanning for package registry credentials
An introduction to secrets, GitHub secret scanning, the open source supply chain, and why revoking package registry credentials is so important.
2.8K views
Sys-Admin & InfoSec Channel
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug

Баг подтвержден в Debian, Ubuntu, Fedora, RHEL дистрах

https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
The GitHub Blog
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit. As a member of GitHub Security Lab, my job is to help improve the security of open source software…
3.0K viewsedited  
Sys-Admin & InfoSec Channel
Fig - Fig adds VSCode-style autocomplete to your existing terminal.

https://fig.io/

https://github.com/withfig/autocomplete
fig.io
Autocomplete for your terminal.
2.6K viewsedited  
Sys-Admin & InfoSec Channel
KDE Ships Frameworks 5.83.0 - KDE Community
https://kde.org/announcements/frameworks/5/5.83.0/
KDE Community
KDE Ships Frameworks 5.83.0
KDE today announces the release of KDE Frameworks 5.83.0.
2.3K views
Sys-Admin & InfoSec Channel
GitHub - cdk8s-team/cdk8s: Define Kubernetes native apps and abstractions using object-oriented programming
https://github.com/cdk8s-team/cdk8s
GitHub
cdk8s-team/cdk8s
Define Kubernetes native apps and abstractions using object-oriented programming - cdk8s-team/cdk8s
2.4K views
Sys-Admin & InfoSec Channel
Дата конца поддержки Windows 10 Home / Pro

Microsoft will continue to support at least one Windows 10 Semi-Annual Channel until October 14, 2025.

Таблица EOL релизов Windows 10 на официальном сайте:

https://docs.microsoft.com/en-us/lifecycle/products/windows-10-home-and-pro
Docs
Windows 10 Home and Pro - Microsoft Lifecycle
Windows 10 Home and Pro follows the Modern Lifecycle Policy.
2.3K views
Sys-Admin & InfoSec Channel
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

https://www.microsoft.com/security/blog/2021/06/14/behind-the-scenes-of-business-email-compromise-using-cross-domain-threat-data-to-disrupt-a-large-bec-infrastructure/
Microsoft Security Blog
Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign | Microsoft Security…
Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding…
2.3K viewsedited  
Sys-Admin & InfoSec Channel
This is how I was able to see Private, Archived Posts/Stories of users on Instagram without following them

Как в Instagram можно было просматривать данные аккаунтов не будучи на них подписанным

PoC

https://fartademayur.medium.com/this-is-how-i-was-able-to-see-private-archived-posts-stories-of-users-on-instagram-without-de70ca39165c
Medium
This is how I was able to see Private, Archived Posts/Stories of users on Instagram without following them
I am Mayur Fartade from Maharashtra. This is my first bug in Facebook Bug bounty program.
2.0K views
Sys-Admin & InfoSec Channel
Хьюстон, у нас (большая) проблема, рассказ специалиста работавшего в Microsoft в Threat Intelligence в Редмонде, который включал в том числе отслеживание программ-вымогателей

Краткое резюме - жесткая правда о вымогателях: мы не готовы, это битва с новыми/по новым правилам

https://doublepulsar.com/the-hard-truth-about-ransomware-we-arent-prepared-it-s-a-battle-with-new-rules-and-it-hasn-t-a93ad3030a54
Medium
The hard truth about ransomware: we aren’t prepared, it’s a battle with new rules, and it hasn’t…
I’ve talked about ransomware and extortion attacks on organizations for about a decade. I recently spent a year at Microsoft in Threat…
2.1K viewsedited  
Sys-Admin & InfoSec Channel

Update: Июльские доклады Open SysConf.

Привет, лови обновления по сабжу:
• Где и когда: г.Алматы, 10 июля, 10:00-19:00
• Детали здесь: sysconf.io

• Сайт содержит информацию когда, где, какие доклады будут, куда донатить, где регистрироваться
• И конечно же персональные благодарности, ссылки на ресурсы оказавшие помощь

Доклады:
• EBPF. МИТИГАЦИЯ DDOS АТАК
• LINUX ЯДРО ДЛЯ ХАКЕРА
• НЕТАРГЕТИРОВАННЫЙ ФИШИНГ
• SECRET INTERCEPTION VIA EBPF
• CHECK WINDOWS AND CONTROL CONFIGS AND SECURITY

Немного деталей по докладу: Secret interception via eBPF
~~~
Step-by-step как научиться перехватывать пароль пользователя при логине или sudo команде. Сначала найдем бинарь, который отвечает за проверку пароля. Поковыряемся в исходниках и напишем bpftrace программу, которая будет выводить введенные пароли.
~~~

Напомню, что встречаться будем как оффлайн (места еще имеются), так и удаленно.

До встречи осталось меньше месяца. В общем будь здоров дорогой товарищ, присоединяйся по мере сил и возможности.

Peace ✌️
1.4K views