Rarible – Create
Sys-Admin & InfoSec Channel
13.8K subscribers
112 photos
2 videos
85 files
3K links
Posts from IT resources, news of information security, information technology, articles on the topic (data leaks, hacks, tools, trainings). Multilingual.
* Forum - forum.sys-adm.in
* Chat - @sysadm_in
* Job - @sysadm_in_job
* All questions - @sysadminkz
Download Telegram
to view and join the conversation
Rarible – Create
Android_privacy_report.pdf
814.9 KB
Android Mobile OS Snooping By Samsung,
Xiaomi, Huawei and Realme Handsets

Report about of how mobile device vendors spying to us*

P S. Some "spying" traffic from Android (like as Xiaomi, Facebook (if possible), built-in Android tracking) preventing by free Sys-Admin BLD service (lab.sys-adm.in)
vt-ransomware-report-2021.pdf
1.2 MB
Report from Virus Total about pf ransomware activity
Ключи от Королевства или The keys to the kingdom - securing your devices and accounts

Когда то были рекоммендации создавать сложные пароли и пассфразы:

https://support.microsoft.com/en-us/office/the-keys-to-the-kingdom-securing-your-devices-and-accounts-a925f8ad-af7e-40d8-9ce4-60ea1cac2ba4

Рекоммендации по паролям:

https://docs.microsoft.com/en-us/microsoft-365/admin/misc/password-policy-recommendations?view=o365-worldwide

Теперь же прогнозируется беспарольное будущее:

https://www.microsoft.com/security/blog/2021/09/15/the-passwordless-future-is-here-for-your-microsoft-account/

Как бы там ни было - Берегите ключи от своего Королевства, будучи внимательным и предупрежденным 🙂
BlackMatter Ransomware (Alert from CISA)

https://us-cert.cisa.gov/ncas/alerts/aa21-291a
Cito (со слов разработчика) может транслировать исходный код в C, C++, C#, Java, JavaScript, Python, Swift, TypeScript, OpenCL C...

https://teleg.eu/sysadm_in_up/860

P.S. непонятно так ли это на самом деле... нужно смотреть*
Full Disclosure: Defense in depth -- the Microsoft way (part 78): completely outdated, vulnerable open source component(s) shipped with Windows 10&11
https://seclists.org/fulldisclosure/2021/Oct/17

P.S. thx for the link dear subscriber ✌️
Oracle Critical Patch Update Advisory - October 2021

https://www.oracle.com/security-alerts/cpuoct2021.html
SmashEx

SmashEx is an attack that exploits re-entrancy vulnerabilities in the exception handling designs of Intel SGX (Software Guard eXtensions) enclave runtimes. It is powerful enough to allow an attacker to read secrets or perform arbitrary code execution inside the victim enclave.

https://jasonyu1996.github.io/SmashEx/
Gummy Browsers: Targeted Browser Spoofing against State-of-the-Art Fingerprinting Techniques

https://arxiv.org/pdf/2110.10129.pdf