Sys-Admin & InfoSec Channel
Posts from IT resources, news of information security, information technology, articles on the topic (data leaks, hacks, tools, trainings). Multilingual.
* Forum - forum.sys-adm.in
* Chat - @sysadm_in
* Job - @sysadm_in_job
* All questions - @sysadminkz
Two technical analyses (PDF) - DNS poisoning and MitM detection

Catching Transparent Phish: Analyzing and Detecting MITM Phishing Toolkits:

https://teleg.eu/sysadm_in_up/898

DNS Cache Poisoning Attack: Resurrections with Side Channels

https://teleg.eu/sysadm_in_up/899
Bunch of News

New ransomware actor uses password-protected archives to bypass encryption protection

https://news.sophos.com/en-us/2021/11/18/new-ransomware-actor-uses-password-protected-archives-to-bypass-encryption-protection/

Python Malware Imitates Signed PyPI Traffic in Novel Exfiltration Technique

https://jfrog.com/blog/python-malware-imitates-signed-pypi-traffic-in-novel-exfiltration-technique/

An APT Group Exploiting a 0-day in FatPipe WARP, MPVPN, and IPVPN Software (FBI Warning)

https://www.ic3.gov/Media/News/2021/211117-2.pdf

The US Defense Department on Friday asked Amazon Web Services, Microsoft, Google and Oracle to submit bids for a new, multi-billion-dollar cloud contract

https://www.zdnet.com/article/pentagon-asks-aws-microsoft-google-and-oracle-to-bid-for-new-cloud-contract/
Bunch of News

Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could lead to code execution, file deletion

https://blog.talosintelligence.com/2021/11/lantronix-premier-wave-vuln-spotlight.html

Windows Security Updates for Hackers

https://bitsadm.in/blog/windows-security-updates-for-hackers

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA

[Conti] Ransomware Group In-Depth Analysis

https://www.prodaft.com/resource/detail/conti-ransomware-group-depth-analysis/

GoDaddy Announces Security Incident Affecting Managed WordPress Service

https://www.sec.gov/Archives/edgar/data/1609711/000160971121000122/gddyblogpostnov222021.htm

NGINX Unit is a polyglot app server, a reverse proxy, and a static file server, available for Unix-like systems. It was built by nginx team members from scratch to be highly efficient and fully configurable at runtime.

The latest version is 1.26.0, released on November 18, 2021.

http://unit.nginx.org/

APT Actors Exploiting Newly Identified Vulnerability in ManageEngine ADSelfService Plus

https://us-cert.cisa.gov/ncas/alerts/aa21-259a

Microsoft Exchange Health Checker script

https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/

PoC of CVE-2021-42321: pop mspaint.exe..:

https://teleg.eu/sysadm_in_up/906
 
Open workshops on DevOps and White hacking by Rebrain (30.11, 2.12)

DevOps by Rebrain: Making the Kubernetes data plane in AWS cheaper and easier to manage
• We'll look at which solutions can be used to run pods in Kubernetes in the AWS cloud
• We'll run our cluster entirely on spot instances and deploy an application in it
• We'll add nodes with different architectures to the cluster: x86 and ARM
• We'll try the serverless Fargate solution, in which pods can be run without adding nodes to the cluster

• November 30, 19:00 MSK. Registration
• Mikhail Golubev - Sr. Solutions Architect at AWS. More than 15 years in IT.

White hacking by Rebrain: OWASP Top 10 and how applicable it is in real life
• We'll talk about how the OWASP Top 10 has changed over recent years, focusing on 2021
• We'll discuss what else could have made it onto the list
• We'll go through some of the vulnerabilities on different stacks

• December 2, 19:00 MSK. Registration
• Alexander Krylov - Lead DevOps at PAO SK Rosgosstrakh. More than 5 years of DevOps experience.
 
Amazon Linux 2022 uses Fedora Linux under the hood:

https://aws.amazon.com/linux/amazon-linux-2022/
gcat_threathorizons_full_nov2021.pdf
While cloud customers continue to face a variety of threats across applications and infrastructure,
many successful attacks are due to poor hygiene and a lack of basic control implementation...

Report from Threat Horizons