Podcasts about libssh

Neste episódio vamos falar sobre uma vulnerabilidade encontrada na biblioteca libssh que atende alguns programas que usam o protocolo SSH. Ajude o Segurança Legal a continuar existindo. Visite nossa campanha de financiamento coletivo e nos apoie! TemaContinue reading

Podcast Szurkogadanie - cotygodniowe zestawienie najciekawszych wiadomości ze świata bezpieczeństwa komputerowego. W tym odcinku: kto ma dostęp do rejestru PESEL, niebezpieczne rozszerzenia na platformę KODI oraz o błędzie w libSSH. Transkrypcja: https://security.szurek.pl/szurkogadanie-16.html Bazując na: https://zaufanatrzeciastrona.pl/post/weekendowa-lektura-odcinek-285-2018-10-20-bierzcie-i-czytajcie/ Icon made by Freepik from www.flaticon.com 0:25 http://prawo.gazetaprawna.pl/artykuly/1307429,firmy-maja-rzadowa-zgode-na-dostep-do-rejestru-pesel.html 3:09 https://czasopismo.legeartis.org/2018/10/odpowiedzialnosc-abonenta-lacza-internetowego-udostepnianie-plikow.html 4:12 https://www.zdnet.com/article/equifax-engineer-who-designed-breach-portal-gets-8-months-of-house-arrest-for-insider-trading/ 5:51 https://zaufanatrzeciastrona.pl/post/ktos-podlozyl-nadajniki-gps-w-samochodach-zabawkach-uczestnikom-wyscigow/ 7:25 https://www.youtube.com/watch?v=Ved84d_6occ 8:59 https://medium.com/walmartlabs/vba-stomping-advanced-maldoc-techniques-612c484ab278 10:07 https://www.nccgroup.trust/uk/our-research/technical-advisory-authentication-bypass-in-libssh/ 11:02 https://www.welivesecurity.com/2018/09/13/kodi-add-ons-launch-cryptomining-campaign/ 12:22 https://www.bleepingcomputer.com/news/security/jquery-file-upload-plugin-vulnerable-for-8-years-and-only-hackers-knew/ Więcej na: https://www.youtube.com/watch?v=38vK2Hyrasw

In Kalenderwoche 43 geht es im CISO Summit um den Auth Bypass in libssh. Außerdem sprechen wir über den jQuery-File-Upload und wie dieser überhaupt entstand und wir zeigen eine Remote Code Execution im Cisco Webex Windows Client (WebExec). #Antago #libssh #WebExec Unsere Playlists: ———————————————————————— Ciso Summit: https://www.youtube.com/playlist?list=PL5UPPOVLI7TcNADgzBOpBEIw4y8Pafrju Hackers Talk: https://www.youtube.com/playlist?list=PL5UPPOVLI7TddmJLJg5bfkvtdQKMr1Low Folgen Sie uns auf Social Media: ———————————————————————— YouTube: https://www.youtube.com/channel/UCR5Rbm4v5q7muJfmuknOxrQ Facebook: https://www.facebook.com/antagogmbh/ Twitter: https://twitter.com/AntagoGmbH Xing: https://www.xing.com/companies/antagogmbh LinkedIn: https://www.linkedin.com/company/antago-gmbh Podcast: ———————————————————————— Spotify: https://open.spotify.com/show/04WZqMHD9tNZVLy0MmDR2g?si=sq9GUyGXQNSZUqb6cIAUfQ iTunes: https://itunes.apple.com/us/podcast/antagos-ciso-summit/id1434693160?mt=2 libssh-Exploit ———————————————————————— Quellen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10933 https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/ Tags: #libssh #Authbypass jQuery-File-Upload ———————————————————————— Quellen: https://blogs.akamai.com/sitr/2018/10/having-the-security-rug-pulled-out-from-under-you.html Tags: #jQueryFileUpload RCE bei Cisco Webex (WebExec) ———————————————————————— Quellen: https://blog.skullsecurity.org/2018/technical-rundown-of-webexec Tags: #WebExec #Webex Diese Woche wurde das CISO Summit von Alexander Dörsam präsentiert. Besuchen Sie uns auf https://antago.info

This week, Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, a remote code implantation flaw found in Medtronic Cardiac Programmers, hackers hiding Cryptocurrency malware in Adobe flash updates, how the government is finally rolling out 2 Factor Authentication for Federal Agency Domains, and how Disney is helping women from across their company to become Developers!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Critical Code execution flaws, WordPress working on wiping older versions from existence, Multiple serious flaws in Drupal, TCP/IP flaws leave IoT gear open to mass hijacking, jQuery plugin actively exploited for at least three years, Flaw in libssh leaves thousands of servers at risk of hijacking, and 8 adult websites exposes a bunch of "intimate" user data! Leonard Simon from Springboard joins us for expert commentary on how to get into the field of Information Security!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode194 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, and a remote code implantation flaw found in Medtronic Cardiac Programmers. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Follow us on Twitter: https://www.twitter.com/securityweekly

This week, Critical Code execution flaws, WordPress working on wiping older versions from existence, Multiple serious flaws in Drupal, TCP/IP flaws leave IoT gear open to mass hijacking, jQuery plugin actively exploited for at least three years, Flaw in libssh leaves thousands of servers at risk of hijacking, and 8 adult websites exposes a bunch of "intimate" user data! Leonard Simon from Springboard joins us for expert commentary on how to get into the field of Information Security!   Full Show Notes: https://wiki.securityweekly.com/HNNEpisode194 Visit https://www.securityweekly.com/hnn for all the latest episodes! Visit https://www.activecountermeasures/hnn to sign up for a demo or buy our AI Hunter!!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, a remote code implantation flaw found in Medtronic Cardiac Programmers, hackers hiding Cryptocurrency malware in Adobe flash updates, how the government is finally rolling out 2 Factor Authentication for Federal Agency Domains, and how Disney is helping women from across their company to become Developers!   Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Visit https://www.securityweekly.com/asw for all the latest episodes! Visit https://www.activecountermeasures/asw to sign up for a demo or buy our AI Hunter!   Visit our website: https://www.securityweekly.com Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly 

This week, Critical Code execution flaws, WordPress working on wiping older versions from existence, Multiple serious flaws in Drupal, TCP/IP flaws leave IoT gear open to mass hijacking, jQuery plugin actively exploited for at least three years, Flaw in libssh leaves thousands of servers at risk of hijacking, and 8 adult websites exposes a bunch of "intimate" user data! Leonard Simon from Springboard joins us for expert commentary on how to get into the field of Information Security! Full Show Notes: https://wiki.securityweekly.com/HNNEpisode194 Visit http://hacknaked.tv to get all the latest episodes!

Paul and April Wright discuss a jQuery Plugin that has been exploited for years is finally getting patched, a flaw in LibSSH leaves thousands of servers at risk, and a remote code implantation flaw found in Medtronic Cardiac Programmers. Full Show Notes: https://wiki.securityweekly.com/ASW_Episode36 Follow us on Twitter: https://www.twitter.com/securityweekly

Falamos com Renato Marinho sobre o update trimestral da Oracle liberado semana passada e uma vulnerabilidade identificada na biblioteca libssh.

Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html libssh vulnerability https://www.libssh.org/security/advisories/CVE-2018-10933.txt Vending Machine Mobile App Compromise https://hackernoon.com/how-i-hacked-modern-vending-machines-43f4ae8decec Browsers Announce Timeline to Discontinue TLS1.0/1.1 support https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/ https://security.googleblog.com/2018/10/modernizing-transport-security.html https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/

Oracle CPU https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html libssh vulnerability https://www.libssh.org/security/advisories/CVE-2018-10933.txt Vending Machine Mobile App Compromise https://hackernoon.com/how-i-hacked-modern-vending-machines-43f4ae8decec Browsers Announce Timeline to Discontinue TLS1.0/1.1 support https://blogs.windows.com/msedgedev/2018/10/15/modernizing-tls-edge-ie11/ https://security.googleblog.com/2018/10/modernizing-transport-security.html https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ https://webkit.org/blog/8462/deprecation-of-legacy-tls-1-0-and-1-1-versions/

Nous venons de tourner un nouveau SECHebdo en live sur Youtube. Comme d’habitude, si vous avez raté l’enregistrement, vous pouvez le retrouver sur notre chaîne Youtube (vidéo ci-dessus) ou bien au format podcast audio: Au sommaire de cette émission : Todo (00:01:00) { "options": { "theme": "default" }, "extensions": { "ChapterMarks": { "disabled": false }, "EpisodeInfo": {}, "Playlist": { "disabled": true }, "Transcript": { "disabled": true } }, "