CipherTechs, Inc.

@CipherTechs

CipherTechs is a global Cyber Security service provider founded in 2001 that remains privately held with headquarters in New York City.

Pinned

CipherTechs discovered an admin authentication bypass 0day in JFrog Artifactory. ciphertechs.com/jfrog-artifact…. Patches and a workaround are available. Be sure to find out if your in-house dev team uses Artifactory. Shout-outs to @jfrog for their vuln disclosure process!


Auth bypass affecting multiple VMware products kb.vmware.com/s/article/89096


CipherTechs, Inc. reposted

- "... and then he said to sign my malware.exe with faked Microsoft cert to evade AVs/EDRs. Would you believe?" ( ̄y▽ ̄)╭ Ohohoho..... Sign-Artifact.ps1 - based on @mattifestation research & implementation shamelessly borrowed here: github.com/mgeeky/Penetra…

zyxel.com/support/Zyxel-… Pedro and Darren from CipherTechs Red Team credited in Zyxel advisory


Months of fun for pentesters - new Confluence exploitable bug cisa.gov/uscert/ncas/cu…


cisa.gov/known-exploite… sort by date added. These are actively exploited bugs - good priority list for patching.


cisa.gov/uscert/ncas/al… there's been a few of these. Along with patching, be sure to remove management interfaces from the Internet.


CipherTechs, Inc. reposted

LAPSUS$ extortion group claims to have breached @Okta. They have released 8 photos as proof. The photos we are sharing have been edited so no sensitive information or user identities are displayed. Image 1 - 4 attached below.


CipherTechs, Inc. reposted

Sandy Bacik, Director of Audit and Compliance at @CipherTechs, will present on PCI 4.0 next week at SecureWorld Philadelphia. See the conference agenda and register here: hubs.li/Q0168mQt0 #SWPHL22 #GRC

Zabbix RCE

Our researchers discovered a high-severity code vulnerability in the open-source monitoring platform Zabbix. Learn more about this authentication bypass in our latest publication🔥 blog.sonarsource.com/zabbix-case-st… #appsec #cve-2022-23131 #cve-2022-23134



CipherTechs, Inc. reposted

Can confirm!

➡️ Splashtop: SRUtility.exe
➡️ AnyDesk: AnyDesk.exe, AnyDeskMSI.exe
➡️ Atera: AteraAgent.exe, AgentPackageSTRemote.exe, AgentPackageHeartbeat.exe, AgentPackageWindowsUpdate.exe, AgentPackageADRemote.exe

Thanks for sharing @AltShiftPrtScn!

#Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access. During initial stage of IR I recommend blocking ALL remote access tools via Application Control policies, allow only the ones required & monitor their use.



Arbitrary file write on Windows domain controllers bugs.chromium.org/p/project-zero…. Microsoft guidance here msrc.microsoft.com/update-guide/v…


This could be like shellshock where it takes weeks to find all the appliances and SaaS that are affected. If you use log4j (and you probably do) check out github.com/nice0e3/log4j_… and . This is a juicy bug.

