SAML is insecure by design : SAML uses signatures based on computed values. The practice is inherently insecure and thus SAML as a design is insecure #informatique
ProxyShell PoC Exploit : #Microsoft Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write) #python #windows #informatique
In this research, our goal is to read #Microsoft « LSASS.exe » memory from #Windows userland. We experimented against #Kaspersky Total Security (KTS), one of the top security products currently. #threats #informatique
https://blog.vincss.net/2021/08/ex007-how-playing-cs-go-helped-you-bypass-security-products.html
pyWhisker is a #Python tool that allows users to manipulate the msDS-KeyCredentialLink attribute of a target user/computer to obtain full control over that object. #informatique
Limelighter is a tool for generating fake code signing certificates or signing real ones #linux #informatique
ADSI is a set of interfaces allowing administrators to query information on an Active Directory environment #windows #informatique
https://grimmie.net/tools-techniques-and-grimmie-experimenting-w-offensive-adsi/
ProxyLogon is just the tip of the Iceberg : A new attack surface on #Microsoft Exchange Server #windows #threats #informatique
#informatique : Pentesting #Docker & #Kubernetes
https://blog.cyr3con.ai/docker-kubernetes-part-1-exploitation-in-the-wild
https://blog.cyr3con.ai/docker-kubernetes-part-2-vulnerability-attribution
https://blog.cyr3con.ai/docker-kubernetes-part-3-covid-19-effect
https://blog.cyr3con.ai/docker-kubernetes-part-4-kubernetes-in-detail
https://blog.cyr3con.ai/docker/kubernetes-part-5-docker-in-detail
https://blog.cyr3con.ai/docker/kubernetes-part-6-common-weakness-enumeration-cwe
(CVE-2020-29015) An OS command injection vulnerability in #Fortinet FortiWeb's management interface (version 6.3.11 and prior) can allow a remote, authenticated attacker to execute arbitrary commands on the system, via the SAML server configuration page #vuln #firewall #informatique #cyber #threats
https://www.rapid7.com/blog/post/2021/08/17/fortinet-fortiweb-os-command-injection/
(CVE-2021-28372) Critical Vulnerability That Affects Millions of internet-of-things (#IoT) #devices that use the ThroughTek « Kalay » network - one that exposes live video and audio streams to eavesdropping threat actors and which could enable attackers to take over control of devices, including security webcams and connected baby monitors #vuln #cyber #threats #informatique
(CVE-2021-21832) Memory corruption vulnerability in Daemon Tools Pro can cause memory corruption in the application if the user opens an adversary-created ISO file that causes an integer overflow. This vulnerability exists in the way the application parses ISOs. #vuln #informatique
https://blog.talosintelligence.com/2021/08/vulnerability-spotlight-memory.html
Operation Infektion #cyber #threats
https://go.recordedfuture.com/hubfs/reports/cta-2021-0817.pdf
Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the #Supply Chain : At least 65 vendors affected by severe vulnerabilities that enable unauthenticated attackers to fully compromise the target device and execute arbitrary code with the highest level of privilege. #Realtek chipsets are found in many embedded #devices in the IoT space. RTL8xxx SoCs – which provide #wireless capabilities – are very common.
https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/
On Sunday, August 15, 2021, the #vaccination center in Saint-Céré (#france) was vandalized. The damage was discovered on the morning of Monday, August 16, 2021, by the managers of this facility dedicated to #Covid-19 injections. In addition to the damage, the IT equipment used to manage this medical procedure and to issue the health pass was stolen #informatique #santé
Volodymyr Diachenko, security researcher at Comparitech (comparitech.com) has revealed the discovery of a federal terrorist watchlist that includes 1.9 million records. The watchlist came from the Terrorist Screening Center (TSC), a multi-agency group administered by the FBI. The TSC maintains the country's no-fly list, which is a subset of the larger watchlist. The exposed server was indexed by search engines Censys (censys.io) and ZoomEye (zoomeye.org) #usa #terrorism #cyber #threats
https://threatpost.com/terrorist-watchlist-exposed-online/168737/
#Japan's Tokio Marine (tokiomarinehd.com), which has a U.S. division and offers a #cyber #insurance product, is the latest insurer to be victimized by #ransomware
https://www.cyberscoop.com/tokio-marine-ryan-specialty-group-ransomware-cyber-insurance/
Utilities to extract secrets from 1Password #informatique
https://posts.specterops.io/1password-secret-retrieval-methodology-and-implementation-6a9db3f3c709
Following the hacking of the doctor in charge of the #vaccination center in Arcachon (#France), criminals were able to log in with the doctor's credentials to the website of the Agence Numérique de la Santé (esante.gouv.fr) and print 55 vaccination certificates #informatique
Pine64 PineNote (e-ink device) Specifications:
60 FPS e-ink panel
191.1 x 232.5 x 7.4mm
Total Weight: 438g
OS: Manjaro #Linux
10.3″ 1404 x 1872 Resolution (Pixels)
227 DPI
16 levels of Grayscale
Touchscreen
EMR Stylus Pen with Wacom technology
Front light (FL)
36 level cold and warm light
CPU = RK3566 1.8GHz 64-bit Quad-Core A55
sc(r)apy | full metal packets
> We Are the Borg
> You Will be Assimilated
> Resistance is Futile