PSA

If you have a #qnap NAS (like I do). please do not expose it on the internet. Only bad things will come from that. (And even (qnap themselves)[https://www.qnap.com/en/how-to/faq/article/what-is-the-best-practice-for-enhancing-nas-security] say so)

Use https://tailscale.com/qnap or similar if you need to access it from the outside. If you need to easily share files and don't want to use a cloud service? I don't know..

QNAP unpatched vulnerabilities: Security firm watchTowr Labs has found ~15 vulnerabilities~ in the firmware of QNAP network attached storage devices. Some of the vulnerabilities can be used for remote code execution attacks that do not require authentication. watchTowr reported the bugs in December of last year, but the vendor has only ~patched four~ of the fifteen so far. The security firm has published a ~PoC~ for one of the worst of the 15 bugs.
[risky-biz-newsletter])(https://news.risky.biz/risky-biz-news-germany-sues-microsoft-for-details-on-past-hack/?ref=risky-business-news-newsletter)

Resumen de las últimas 24 horas en seguridad informática: Descubre cómo mejorar tu estrategia de análisis con Ghidra y GDB, explora el fuzzing en aplicaciones Android, protege tus datos de QNAP QTS y mantente alerta ante ataques de ransomware y backdoors de Corea del Norte. Sumérgete en valiosas reflexiones sobre ciberseguridad en el seminario de ACCSS/NCSC/Surf. ¡Encuentra estos y más detalles en el siguiente listado de noticias sobre seguridad informática!

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 19/05/24 📆 |====

🔒 DESCUBRIENDO LA SUPERFICIE DE ATAQUE: GUÍA BÁSICA CON GHIDRA Y GDB

Aprende cómo generar código Python de GDB para rastrear programas analizados en Ghidra. ¡Descubre cómo optimizar tu estrategia de análisis! 👉 https://djar.co/4TppIQ

🔍 FUZZING ANDROID BINARIES CON AFL++ FRIDA MODE

Explora este prólogo sobre la creación y uso de instancias de JVM en aplicaciones Android C/C++. ¡Amplía tus conocimientos en fuzzing! 👉 https://djar.co/gYtKG

🛡️ QNAP QTS - QNAPpeando al Máximo (CVE-2024-27130 y compañía)

La seguridad informática se basa en datos. ¡Descubre cómo proteger o interrumpir el acceso a ellos con las últimas vulnerabilidades descubiertas en QNAP QTS! 👉 https://djar.co/yJHhD

💻 GANG DE RANSOMWARE APUNTA A ADMINISTRADORES DE WINDOWS MEDIANTE MALPUBLICIDAD DE PuTTy Y WinSCP

¡No caigas en la trampa! Conoce cómo una operación de ransomware busca a administradores de sistema a través de anuncios engañosos de PuTTy y WinSCP. 👉 https://djar.co/QWb2z

🇰🇵 KIMSUKY DE COREA DEL NORTE UTILIZA UN NUEVO BACKDOOR LINUX EN ATAQUES RECIENTES

Symantec alerta sobre un nuevo backdoor de Linux utilizado por el grupo Kimsuky de Corea del Norte en su última campaña contra organizaciones surcoreanas. ¡Mantente informado sobre las amenazas actuales! 👉 https://djar.co/v2OT

🔐 CIBERSEGURIDAD: UNA REFLEXIÓN ANTES DE LA GUERRA - ESCRITOS DE BERT HUBERT

Sumérgete en la transcripción editada de la presentación sobre ciberseguridad realizada en el seminario de ACCSS/NCSC/Surf. ¡Obtén valiosas perspectivas sobre la realidad actual! 👉 https://djar.co/cGCAy

Chrome zero-day analysis: Security researcher Alisa Esage has published root cause analysis for two of the three Chrome zero-days that Google patched last week—CVE-2024-4761 and CVE-2024-4671 (yes, very confusing CVEs).
risky-biz

Every time I see a #Chrome RCE I loose a bit more hope.

In my book, Chrome was the new browser which was built "secure by design". Giving up on all the legacy crap which made it possible to get compromised by just visiting a website.

But here we are, where Alisa Esage states

Based on my evaluation, the exploit can be recreated in about a week by someone with good knowledge and experience in Chrome exploitation, so it's definitely worth updating Chrome-based infrastructures as soon as possible.

Both bugs seem to be possible because Chrome is c++ though? So maybe #rustlang is the saviour who will finally free us from this.

Chrome zero-day analysis: Security researcher Alisa Esage has published root cause analysis for two of the three Chrome zero-days that Google patched last week—CVE-2024-4761 and CVE-2024-4671 (yes, very confusing CVEs).
risky-biz

Every time I see a #Chrome RCE I loose a bit more hope.

In my book, Chrome was the new browser which was built "secure by design". Giving up on all the legacy crap which made it possible to get compromised by just visiting a website.

But here we are, where Alisa Esage states

Based on my evaluation, the exploit can be recreated in about a week by someone with good knowledge and experience in Chrome exploitation, so it's definitely worth updating Chrome-based infrastructures as soon as possible.

Both bugs seem to be possible because Chrome is c++ though? So maybe #rustlang is the saviour who will finally free us from this.

@83r71n @shellsharks CVE-2024-34359 called "Llama Drama" 🦙