Difference between revisions of "Template:PSWPaul608"

From Paul's Security Weekly
(Added With Paul's Craptastic Python Script)
 
 
(2 intermediate revisions by the same user not shown)
Line 11: Line 11:
 
#[https://arstechnica.com/information-technology/2019/05/advanced-linux-backdoor-found-in-the-wild-escaped-av-detection/ Advanced Linux backdoor found in the wild escaped AV detection]
 
#[https://arstechnica.com/information-technology/2019/05/advanced-linux-backdoor-found-in-the-wild-escaped-av-detection/ Advanced Linux backdoor found in the wild escaped AV detection]
 
#[https://www.zdnet.com/article/remote-attack-flaw-found-in-iptv-streaming-service/ Remote attack flaw found in IPTV streaming service | ZDNet]
 
#[https://www.zdnet.com/article/remote-attack-flaw-found-in-iptv-streaming-service/ Remote attack flaw found in IPTV streaming service | ZDNet]
#[https://arstechnica.com/information-technology/2019/06/new-bluekeep-exploit-shows-the-wormable-danger-is-very-very-real/ Warnings of world-wide worm attacks are the real deal, new exploit shows]
+
#[https://arstechnica.com/information-technology/2019/06/new-bluekeep-exploit-shows-the-wormable-danger-is-very-very-real/ Warnings of world-wide worm attacks are the real deal, new exploit shows] - ''Unfortunately, these tasks often take place in mission-critical environments such as hospitals, factories, and industrial settings. While patching is by far the most effective way to prevent exploits, there are a variety of workarounds that can be deployed. Chief among them is enabling Network Level Authentication (NLA) for Remote Desktop Services, although this defense is ineffective in the event that attackers have compromised the NLA credentials. It may also be possible to at least partially defeat NLA defenses using a remote desktop protocol weakness disclosed Tuesday.'' So, for these mission critical applications in those environments, where they can't go down, can't be rebooted, and they are so important that patching is out of the question, WHY THE HELL DID YOU CHOOSE WINDOWS? Isn't there a better solution? Is this the fault of the provider? This isn't even a security argument, can't we help fix this problem with better design choices?
 
#[https://threatpost.com/microsoft-arbitrary-code-execution-old-bug/145527/ Microsoft Warns of Email Attacks Executing Code Using an Old Bug]
 
#[https://threatpost.com/microsoft-arbitrary-code-execution-old-bug/145527/ Microsoft Warns of Email Attacks Executing Code Using an Old Bug]
 
#[https://www.scmagazine.com/home/security-news/cybercrime/radiohead-sells-recordings-to-public-after-creep-hacker-threatens-to-leak-them/ Radiohead sells recordings to public after hacker threatens to leak them]
 
#[https://www.scmagazine.com/home/security-news/cybercrime/radiohead-sells-recordings-to-public-after-creep-hacker-threatens-to-leak-them/ Radiohead sells recordings to public after hacker threatens to leak them]
 
#[https://www.securityweek.com/microsoft-patches-critical-vulnerabilities-ntlm Microsoft Patches Critical Vulnerabilities in NTLM | SecurityWeek.Com]
 
#[https://www.securityweek.com/microsoft-patches-critical-vulnerabilities-ntlm Microsoft Patches Critical Vulnerabilities in NTLM | SecurityWeek.Com]
 
#[https://medium.com/@rangleio/jumpboxes-how-to-avoid-storing-ssh-keys-59e3dc78e5e6 Jumpboxes: How to avoid storing SSH keys]
 
#[https://medium.com/@rangleio/jumpboxes-how-to-avoid-storing-ssh-keys-59e3dc78e5e6 Jumpboxes: How to avoid storing SSH keys]
#[https://www.theregister.co.uk/2019/06/12/vim_remote_command_execution_flaw/ This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already]
+
#[https://www.theregister.co.uk/2019/06/12/vim_remote_command_execution_flaw/ This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already] - ''With Debian and some other Linux distros, .vimrc ships with modelines already disabled by default, hence those versions are not vulnerable out of the box, though it is still a good idea to update your copy of Vim or Neovim to the latest version.''
#[https://securityaffairs.co/wordpress/87025/hacking/symcrypt-library-flaw.html Google expert disclosed details of an unpatched flaw in SymCrypt library]
+
#[https://securityaffairs.co/wordpress/87025/hacking/symcrypt-library-flaw.html Google expert disclosed details of an unpatched flaw in SymCrypt library] - ''According to Microsoft, SymCrypt is the primary library for implementing symmetric cryptographic algorithms in Windows 8, it also implements asymmetric cryptographic algorithms starting with Windows 10 version 1703.Ormandy discovered that it is possible to trigger the flaw to cause an infinite loop when making specific cryptographic operations.''
 
#[https://www.darkreading.com/threat-intelligence/tomorrows-cybersecurity-analyst-is-not-who-you-think/a/d-id/1334912 Tomorrow's Cybersecurity Analyst Is Not Who You Think]
 
#[https://www.darkreading.com/threat-intelligence/tomorrows-cybersecurity-analyst-is-not-who-you-think/a/d-id/1334912 Tomorrow's Cybersecurity Analyst Is Not Who You Think]
 
#[https://www.darkreading.com/threat-intelligence/cognitive-bias-can-hamper-security-decisions/d/d-id/1334925 Cognitive Bias Can Hamper Security Decisions]
 
#[https://www.darkreading.com/threat-intelligence/cognitive-bias-can-hamper-security-decisions/d/d-id/1334925 Cognitive Bias Can Hamper Security Decisions]
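Review bot: The added SymCrypt annotation runs two quoted sentences together as "version 1703.Ormandy"; add the missing space after the period. In the added BlueKeep annotation the italic quote opens with "these tasks" with no antecedent on the page, so start the quote a sentence earlier or add a bracketed gloss saying which tasks are meant.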

Latest revision as of 21:08, 13 June 2019

  1. Black Hat Q&A: Defending Against Cheaper, Accessible 'Deepfake' Tech
  2. The Rise of 'Purple Teaming'
  3. World's Largest Beer Brewer Sets Up Cybersecurity Team
  4. Report: No Eternal Blue Exploit Found in Baltimore City Ransomware - Krebs on Security
  5. Hacker Discloses Second Zero-Day to Bypass Patch for Windows EoP Flaw
  6. Critical Flaw Reported in Popular Chrome Extension from Evernote Users
  7. UP Specifications
  8. Some Raspberry Pi compatible computers
  9. Interesting JavaScript Obfuscation Example - SANS Internet Storm Center
  10. UPDATE: Sysdig Falco v0.15.1 - PenTestIT
  11. Advanced Linux backdoor found in the wild escaped AV detection
  12. Remote attack flaw found in IPTV streaming service | ZDNet
  13. Warnings of world-wide worm attacks are the real deal, new exploit shows - Unfortunately, these tasks often take place in mission-critical environments such as hospitals, factories, and industrial settings. While patching is by far the most effective way to prevent exploits, there are a variety of workarounds that can be deployed. Chief among them is enabling Network Level Authentication (NLA) for Remote Desktop Services, although this defense is ineffective in the event that attackers have compromised the NLA credentials. It may also be possible to at least partially defeat NLA defenses using a remote desktop protocol weakness disclosed Tuesday. So, for these mission critical applications in those environments, where they can't go down, can't be rebooted, and they are so important that patching is out of the question, WHY THE HELL DID YOU CHOOSE WINDOWS? Isn't there a better solution? Is this the fault of the provider? This isn't even a security argument, can't we help fix this problem with better design choices?
  14. Microsoft Warns of Email Attacks Executing Code Using an Old Bug
  15. Radiohead sells recordings to public after hacker threatens to leak them
  16. Microsoft Patches Critical Vulnerabilities in NTLM | SecurityWeek.Com
  17. Jumpboxes: How to avoid storing SSH keys
  18. This is grim, Vim and Neovim: Opening this crafty file in your editor may pwn your box. Patch now if not already - With Debian and some other Linux distros, .vimrc ships with modelines already disabled by default, hence those versions are not vulnerable out of the box, though it is still a good idea to update your copy of Vim or Neovim to the latest version.
  19. Google expert disclosed details of an unpatched flaw in SymCrypt library - According to Microsoft, SymCrypt is the primary library for implementing symmetric cryptographic algorithms in Windows 8, it also implements asymmetric cryptographic algorithms starting with Windows 10 version 1703. Ormandy discovered that it is possible to trigger the flaw to cause an infinite loop when making specific cryptographic operations.
  20. Tomorrow's Cybersecurity Analyst Is Not Who You Think
  21. Cognitive Bias Can Hamper Security Decisions