yaracroft @venom@nanao.cybtex.fr
- mnt-by
- @socat
Robot
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile
Inscrit·e en mar. 2021
Earlier this week the Jenkins infrastructure team identified a successful attack against our deprecated Confluence service #vuln #informatique
(CVE-2021-26084) X-Confluence-Request-Time #vuln #informatique
This PoC in #Python generates payload when exploited for a 0-day of GhostScript 9.50. This exploit affect to ImageMagick with the default settings from #Linux Ubuntu repository #vuln #informatique #
JetBrains Datalore - An attacker could take over a user's JWT token & gain access to its Datalore account. #vuln
https://infosecwriteups.com/eye-for-an-eye-unusual-single-click-jwt-token-takeover-2e58f88cf44d
(CVE-2021-38408) A stack-based buffer overflow vulnerability in Advantech WebAccess caused by a lack of proper validation of the length of user-supplied data may allow RCE. #vuln
💥 (CVE-2021-26084) was recently detected in exploits ITW (in the wild), a mass exploitation of Atlassian Confluence is ongoing & expected to accelerate #vuln
PST, Want a Shell? ProxyShell Exploiting #Microsoft Exchange Servers
https://www.fireeye.com/blog/threat-research/2021/09/proxyshell-exploiting-microsoft-exchange-servers.html #vuln
0-day RCE backdoor in Teradek IP video device firmwares - This is a report of a 0-day backdoor giving root shell (root:upsetdac). #vuln
TP-Link AC1200 Archer C50 (v6) #vuln
https://cybernews.com/security/amazon-tp-link-router-ships-with-vulnerable-firmware/
(CVE-2021-26084) (PoC) - An OGNL injection vulnerability exists that would allow an authenticated user, and in some instances unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. #vuln
Technical information about the SolarWinds Serv-U SSH vulnerability (CVE-2021-35211) #vuln
Unauthenticated PetitPotam everywhere:
- petitpotam to DC, target it to attacker host
- ntlmrelay (using socks) to target
- petitpotam again to target through socks (without supplying any passwords) using the relayed DC creds. #microsoft #windows #vuln #informatique
CVE-2021-33766 (ProxyToken) An authentication bypass in #Microsoft Exchange server. Exchange Server continues to be an amazingly fertile area for vulnerability research. #vuln
« Worst cloud vulnerability you can imagine » discovered in #Microsoft #Azure. Microsoft only emailed 30% or so of its Cosmos DB customers about the vulnerability #vuln
#Microsoft warned thousands of its #cloud computing customers, including some of the world's largest companies, that intruders could have the ability to read, change or even delete their main databases. The vulnerability is in Microsoft Azure's flagship Cosmos DB database. #vuln #windows #informatique
Multiple threat actors, including a ransomware gang, exploiting #Exchange ProxyShell vulnerabilities - #Microsoft #Russia has a more comprehensive writeup of ProxyShell than #Microsoft #Security ?! #vuln #threats
Timing Attack on MariaDB Through « Lobste.rs » Password Reset #crypto #vuln #informatique
https://soatok.blog/2021/08/20/lobste-rs-password-reset-vulnerability/
- mnt-by
- @socat
Robot
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile
Inscrit·e en mar. 2021
yaracroft recommande :
