Client Citrix Independent Computing Architecture / Citrix Single Sign-On

🥝 Mimikatz by Benjamin Delpy

misc::citrix::logonpasswords

  • wfcrun32.exe
  • AuthManSvr.exe
  • ssonsvr.exe

video.twimg.com/tweet_video/Fc

🚨 CVE-2022-34718 : Microsoft Windows TCP/IP RCE

An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPSec is enabled, which could enable a remote code execution exploitation on that machine

msrc.microsoft.com/update-guid

🛠 FISSURE

An open-source RF & reverse engineering framework for all skill levels with hooks for signal detection and classification, protocol discovery, attack execution, IQ manipulation, vulnerability analysis, automation and AI/ML

github.com/ainfosec/FISSURE

RCE on Spip

  • Preauth custom SSTI on icalendar generation
  • Postauth email content eval
  • Postauth code injection in MediaBox as a WebMestre
  • Postauth php file upload // t0
  • DNS Rebinding on the file upload feature // t0

thinkloveshare.com/hacking/rce

🇨🇭 Un expert informatique a identifié une faille de sécurité sur l'une plateforme des Chemins de Fer Fédéraux suisses (cff.ch) lui permettant d'accéder aux données de 500 000 clients Swisspass. Aujourd'hui, on apprend que les chemins de fer étaient au courant de cette faille depuis 2018

ictjournal.ch/news/2022-08-19/

A vulnerability allowed someone to enter a phone number or email address into the log-in flow in the attempt to learn if that information was tied to an existing Twitter account, and if so, which specific account. No passwords were exposed.

privacy.twitter.com/en/blog/20

🔥 CVE-2022-20842 | CVE-2022-20827 | CVE-2022-20841

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS)

tools.cisco.com/security/cente

  • 🔥 CVE-2022-29154

A critical arbitrary file write vulnerability in the Rsync (before 3.2.5) utility that allows malicious remote servers to write arbitrary files inside th directories of connecting peers.

🛠 Appliquez le correctif de sécurité dans les plus brefs délais.

nvd.nist.gov/vuln/detail/CVE-2

Microsoft Security Response Center found a Private-Sector Offensive Actor. PSOAs also refers to as cyber mercenaries, sell hacking tools or services. KNOTWEED, developed malware called Subzero.

microsoft.com/security/blog/20

Plus anciens

yaracroft recommande :

nanao

Comme le soleil, les machines ne se couchent jamais.