English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#spring4shell search results

HaboubiAnis's profile picture. Cyber Threat Intelligence Analyst | Decentralized Autonomous Financial Resistant | #bitcoin #ordinals #defi
Anis Haboubi |₿|
 @HaboubiAnis
Apr 11, 2022

Je dis ca je dis rien :-) mais je trouve pratique que pour les #Election2022 le logiciel utilisé par @IfopOpinion a une vulnérabilité critique #spring4shell CVE-2022-22965 ; Bonne élection et transpanre mes amis français ; #cyberwar

HaboubiAnis's tweet image. Je dis ca je dis rien :-) mais je trouve pratique que pour les #Election2022 le logiciel utilisé par @IfopOpinion a une vulnérabilité critique #spring4shell CVE-2022-22965 ; Bonne élection et transpanre mes amis français ; #cyberwar
4
49
77
6
0
ptracesecurity's profile picture. Empowering IT Security Professionals through Hands-On Online Courses.
Ptrace Security GmbH
 @ptracesecurity
Apr 26, 2022

Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec

ptracesecurity's tweet image. Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec
ptracesecurity's tweet image. Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec
1
30
77
11
0
TenableSecurity's profile picture. Welcome to Tenable. Your exposure ends here. Cloud Exposure | Vulnerability Exposure | OT Exposure | Identity Exposure
Tenable
 @TenableSecurity
Mar 31, 2023

💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.

TenableSecurity's tweet image. 💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.
1
3
2
0
1K
ine's profile picture. The premier provider of technical training for the #IT Industry. 💻 #infosec #cybersecurity #cloud #datascience #networking
INE
 @ine
Aug 6

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m0d7z5

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

Source: ine.com
1
0
3
1
599
foojayio's profile picture. https://t.co/79DlsBV1yM: a place for friends of OpenJDK (https://t.co/bm1vJXRJlN)! Twitter handle run by @geertjanw, @ypoirier, @bazlur_rahman, @tobiasbriones_!
Foojay.io
 @foojayio
Sep 19, 2024

The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip

foojayio's tweet image. The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip
0
2
7
0
2K
GOTOcon's profile picture. #GOTO Presents the Brightest Minds in Tech. Check out GOTO Conferences. Join us on the other side: https://t.co/BPo8tCStDc
GOTO
 @GOTOcon
Sep 28, 2023

#Log4Shell & #Spring4Shell proved that we need to keep our dependencies up-to-date From package managers to bots that can create changes on repositories, there are many tools. At #GOTOcph @MaritvanDijk77 will talk about keeping your dependencies in check gotocph.com/2023

0
1
3
1
692
TWiT's profile picture. Looking for the latest in Tech? Follow @TWiT - Tech podcasts with @leolaporte, @mikahsargent, and friends. Get extras at https://t.co/vJKBWWeYmx
TWiT Tech Podcasts
@TWiT
Apr 13, 2022

Join @SGgrc & @leolaporte for a breakdown of Microsoft’s new #Autopatch system, the #Spring4Shell vulnerability, and the 0-Day in NGINX - “the Internet’s most used webserver platform!”  Hear the latest #cybersecurity news and subscribe on @pocketcasts twit.tv/sn854

TWiT's tweet image. Join @SGgrc & @leolaporte for a breakdown of Microsoft’s new #Autopatch system, the #Spring4Shell vulnerability, and the 0-Day in NGINX - “the Internet’s most used webserver platform!”  Hear the latest #cybersecurity news and subscribe on @pocketcasts twit.tv/sn854
0
6
97
0
0
Dynatrace's profile picture. Dynatrace is the leading AI-powered observability platform that enables you to transform complexity into your greatest asset and drive your business forward.
Dynatrace
 @Dynatrace
Apr 15, 2022

To illustrate why #Spring4Shell is such a critical vulnerability, it helps to understand how Spring works. Stefan Achleitner explains & highlights how #Dynatrace Application Security enables automatic real-time protection to block these types of attacks. dynatr.ac/3OinDBs

Dynatrace's tweet image. To illustrate why #Spring4Shell is such a critical vulnerability, it helps to understand how Spring works. Stefan Achleitner explains & highlights how #Dynatrace Application Security enables automatic real-time protection to block these types of attacks. dynatr.ac/3OinDBs
0
1
2
0
0
CheckPointSW's profile picture. You deserve the best security. Get the protection you need against AI-driven cyber attacks.
Check Point Software
@CheckPointSW
May 5, 2022

Zero Day attacks aren’t going anywhere. What facts do you need to know about #log4j and #Spring4Shell? Find out, here: bit.ly/3KONBJH #cybersecurity

CheckPointSW's tweet image. Zero Day attacks aren’t going anywhere. What facts do you need to know about #log4j and #Spring4Shell? Find out, here: bit.ly/3KONBJH #cybersecurity
0
10
7
0
0
Sn0wF0x1337's profile picture. We exist without skin color, without nationality, without religious bias... and you call us criminals. HACK THE PLANET! Auth/DHD Non Binary
Sn0wF0x
 @Sn0wF0x1337
Sep 18, 2022

Spring4Shell: CVE-2022-22965 - I have just completed this room! Check it out: tryhackme.com/room/spring4sh… #tryhackme #spring4shell #vulnerability #RCE #Java #Spring#Beginner #MuirlandOracle via @realtryhackme

Sn0wF0x1337's tweet image. Spring4Shell: CVE-2022-22965 - I have just completed this room! Check it out: tryhackme.com/room/spring4sh… #tryhackme #spring4shell #vulnerability #RCE #Java #Spring#Beginner #MuirlandOracle via @realtryhackme
1
0
10
0
0
TrendMicro's profile picture. Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information across enterprises, governments, and consumers.
Trend Micro
 @TrendMicro
May 4, 2022

Our blog entry looks at the technical details behind attempts to exploit the #Spring4Shell vulnerability, including how they create web shells to deploy cryptocurrency miners. More details in our post: research.trendmicro.com/3L6Y0S6

TrendMicro's tweet image. Our blog entry looks at the technical details behind attempts to exploit the #Spring4Shell vulnerability, including how they create web shells to deploy cryptocurrency miners. More details in our post: research.trendmicro.com/3L6Y0S6
0
0
5
0
0
securityblvd's profile picture. The primary destination for leading cybersecurity news and discourse. Powered by @TechstrongGroup.
Security Boulevard
@securityblvd
Jan 3, 2023

#1) New #Spring4Shell Zero-Day Vulnerability Confirmed. Here’s the latest in our series of #TheBestof2022. Our top story for 2022! ❗️ bit.ly/3jqp5GS

securityblvd's tweet image. #1) New #Spring4Shell Zero-Day Vulnerability Confirmed. Here’s the latest in our series of #TheBestof2022. Our top story for 2022! ❗️ bit.ly/3jqp5GS
0
1
2
0
172
BlackDuck_SW's profile picture. True Scale Application Security — Uncompromised trust in software for the regulated, AI-powered world
Black Duck
@BlackDuck_SW
May 18, 2022

The #Spring4Shell vulnerability targets a ubiquitous language & framework, taking aim at a large tech footprint. Read today's blog for insights into our exploit development and&testing process for this Zero-Day Remote Code Execution (RCE) vuln: bit.ly/3NiJIyg

BlackDuck_SW's tweet image. The #Spring4Shell vulnerability targets a ubiquitous language & framework, taking aim at a large tech footprint. Read today's blog for insights into our exploit development and&testing process for this Zero-Day Remote Code Execution (RCE) vuln: bit.ly/3NiJIyg
0
2
2
0
0
F5's profile picture. We deliver and secure every app.
F5
 @F5
Apr 26, 2022

The raft of vulnerabilities in the Spring framework may sound a lot like Log4Shell, but there are significant differences that affect how you should respond. Learn more: go.f5.net/7xj5je #Spring4Shell

F5's tweet image. The raft of vulnerabilities in the Spring framework may sound a lot like Log4Shell, but there are significant differences that affect how you should respond. Learn more: go.f5.net/7xj5je #Spring4Shell
0
2
0
0
0
LumITCyberSec's profile picture. 🛡️ Rendiamo più sicuro il tuo lavoro con la nostra esperienza in ambito Cyber Security.
LumIT - System Integrator
 @LumITCyberSec
Apr 26, 2022

Proprio quando pensavamo che fosse sicuro tornare allo sviluppo di applicazioni dopo Log4j e gli attacchi Log4Shell, ecco che arriva Spring4Shell. Scopri come mitigare le nuove minacce con @F5 👉 bit.ly/LumIT-Spring4S… #CyberSecurity #Spring4Shell

LumITCyberSec's tweet image. Proprio quando pensavamo che fosse sicuro tornare allo sviluppo di applicazioni dopo Log4j e gli attacchi Log4Shell, ecco che arriva Spring4Shell. Scopri come mitigare le nuove minacce con @F5 👉 bit.ly/LumIT-Spring4S… #CyberSecurity #Spring4Shell
0
2
5
0
0
INEsecurity's profile picture. Revolutionizing the way the world gains #ITSecurity skills. Part of the @INE family
INE Security (FKA eLearnSecurity)
 @INEsecurity
Aug 6

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m4S0eY

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

Source: ine.com
1
0
0
1
510
SecurityTube's profile picture. We help professionals acquire the skills, knowledge and certificates by teaching defense through offense to advance their careers in cybersecurity.
Pentester Academy
 @SecurityTube
Aug 6

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4olMqq6

SecurityTube's tweet card. Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…
Lab Walkthrough: Exploiting Spring4Shell (C…
Source: ine.com
1
2
9
2
951
ine's profile picture. The premier provider of technical training for the #IT Industry. 💻 #infosec #cybersecurity #cloud #datascience #networking
INE
 @ine
Aug 6

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m0d7z5

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

Source: ine.com
1
0
3
1
599
INEsecurity's profile picture. Revolutionizing the way the world gains #ITSecurity skills. Part of the @INE family
INE Security (FKA eLearnSecurity)
 @INEsecurity
Aug 6

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m4S0eY

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

Source: ine.com
1
0
0
1
510
PKMB_BlueSec's profile picture. Aspiring SOC Analyst | Cyber Threat Defender | Cloud Security | #BlueTeam Enthusiast | Azure Fundamentals Certified | Pursuing Security+ and Splunk Certs
Paa Kweku | SOC Analyst (Blue Team)
 @PKMB_BlueSec
Mar 15

Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell

PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
1
0
2
0
122
ine's profile picture. The premier provider of technical training for the #IT Industry. 💻 #infosec #cybersecurity #cloud #datascience #networking
INE
 @ine
Feb 6

🧵 New Blog: Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Must-read for #Java devs & #AppSec teams bit.ly/3Cr020l #Spring4Shell #InfoSec

ine.com

Lab Walkthrough - Exploiting Spring4Shell (…

In this article, we will learn to exploit the Spring4Shell vulnerability in a realistic environment and gain code execution on the target server!

Source: ine.com
0
1
5
0
599
SecurityTube's profile picture. We help professionals acquire the skills, knowledge and certificates by teaching defense through offense to advance their careers in cybersecurity.
Pentester Academy
 @SecurityTube
Feb 6

🧵 New Blog: Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Must-read for #Java devs & #AppSec teams bit.ly/412naeQ #Spring4Shell #InfoSec

ine.com

Lab Walkthrough - Exploiting Spring4Shell (…

In this article, we will learn to exploit the Spring4Shell vulnerability in a realistic environment and gain code execution on the target server!

Source: ine.com
0
3
8
0
1K
INEsecurity's profile picture. Revolutionizing the way the world gains #ITSecurity skills. Part of the @INE family
INE Security (FKA eLearnSecurity)
 @INEsecurity
Feb 6

🧵 New Blog: Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Must-read for #Java devs & #AppSec teams bit.ly/3Q1B5vx #Spring4Shell #InfoSec

ine.com

Lab Walkthrough - Exploiting Spring4Shell (…

In this article, we will learn to exploit the Spring4Shell vulnerability in a realistic environment and gain code execution on the target server!

Source: ine.com
0
1
5
2
578
foojayio's profile picture. https://t.co/79DlsBV1yM: a place for friends of OpenJDK (https://t.co/bm1vJXRJlN)! Twitter handle run by @geertjanw, @ypoirier, @bazlur_rahman, @tobiasbriones_!
Foojay.io
 @foojayio
Sep 19, 2024

The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip

foojayio's tweet image. The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip
0
2
7
0
2K
Doukkan1Mohamed's profile picture. To my unicorn :) 🦄
Mohamed Doukkani 穆罕默德
 @Doukkan1Mohamed
Aug 19, 2024

💥 Stay safe out there, coders! And remember, just because it’s called "Spring" doesn’t mean it’s all sunshine and rainbows! 🌈☀️ #Spring4Shell #CVE202222965 #DevSecurity #StayUpdated

0
0
0
0
16
Doukkan1Mohamed's profile picture. To my unicorn :) 🦄
Mohamed Doukkani 穆罕默德
 @Doukkan1Mohamed
Aug 19, 2024

🚨 Breaking News for Devs and Security Pros! 🚨 Ever heard of Spring4Shell? No, it’s not a new flavor of ice cream, but it sure is chilling! 🍦❄️ Let’s dive into what this bug is and why it matters! 🧵👇 #CyberSecurity #Spring4Shell #DevLife

Doukkan1Mohamed's tweet image. 🚨 Breaking News for Devs and Security Pros! 🚨 Ever heard of Spring4Shell? No, it’s not a new flavor of ice cream, but it sure is chilling! 🍦❄️ Let’s dive into what this bug is and why it matters! 🧵👇 #CyberSecurity #Spring4Shell #DevLife
1
0
0
0
41
francescofaenzi's profile picture. #TrustEverybodyButCutTheCards
francescofaenzi
@francescofaenzi
May 10, 2024

• The most common vulnerabilities are: #Spring4Shell (CVE-2022-22965), #Log4Shell (CVE-2021-45046 and CVE-2021-44228), RCE in #Apache #ActiveMQ (CVE-2023-46604) #OpenSSF #Scorecard are helpful to quickly assess the health of open source libraries: linkedin.com/posts/francesc…

francescofaenzi's tweet card. #supplychainsecurity attacks, specifically for (though not limited to) #opensource software artifact are a top issue today (see: https://lnkd.in/gGDdXPEZ). #Scorecards (#Github here: https://lnkd.i...
#supplychainsecurity #opensource #scorecards #github #heuristics #softwaresecurity #trusteverybod...
Source: linkedin.com
1
0
0
0
136
asecengineer's profile picture. A Security Engineer, ScanDog’s founder.
𝙰𝚕𝚒
 @asecengineer
Apr 10, 2024

#Spring4Shell, or the #XZBackdoor, prompting us to wonder if we could be the next target. During this session, we will explore establishing a secure software development ecosystem to mitigate these security risks.

0
0
0
0
134
GOTOcon's profile picture. #GOTO Presents the Brightest Minds in Tech. Check out GOTO Conferences. Join us on the other side: https://t.co/BPo8tCStDc
GOTO
 @GOTOcon
Sep 28, 2023

#Log4Shell & #Spring4Shell proved that we need to keep our dependencies up-to-date From package managers to bots that can create changes on repositories, there are many tools. At #GOTOcph @MaritvanDijk77 will talk about keeping your dependencies in check gotocph.com/2023

0
1
3
1
692
securityiops's profile picture.
Michael Smith
 @securityiops
Sep 16, 2023

Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell

securityiops's tweet image. Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell
securityiops's tweet image. Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell
0
0
1
0
165
Mend_io's profile picture. The #AppSec provider of choice for six out of 10 of the world’s most demanding software developers.
Mend.io
@Mend_io
Apr 7, 2023

On March 31, 2022, #Spring4Shell was announced. For some organizations, it was a real emergency. Thanks to Mend Renovate, @MSCI_Inc addressed the vulnerability in just a few hours. Here’s their full story ➡️ go.mend.io/403ojjo #MendIt #MendTogether #MendCODEfidence

Mend_io's tweet image. On March 31, 2022, #Spring4Shell was announced. For some organizations, it was a real emergency. Thanks to Mend Renovate, @MSCI_Inc addressed the vulnerability in just a few hours. Here’s their full story ➡️ go.mend.io/403ojjo #MendIt #MendTogether #MendCODEfidence
0
9
0
0
179
TenableSecurity's profile picture. Welcome to Tenable. Your exposure ends here. Cloud Exposure | Vulnerability Exposure | OT Exposure | Identity Exposure
Tenable
 @TenableSecurity
Mar 31, 2023

💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.

TenableSecurity's tweet image. 💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.
1
3
2
0
1K
No results for "#spring4shell"
hetmehtaa's profile picture. Security Analyst | Content Creator | I Spread Cybersecurity News & Talk about AI, Cloud, Tech, Tools & Recent Updates
Het Mehta
@hetmehtaa
Apr 6, 2022

A bash script that will automatically install Bug Hunting tools used for recon github.com/JoyGhoshs/0ins… Linux #bugbounty #Spring4Shell #infosec #thesecureedge #cybersecurity #Java #tech #Web3 #redteam #bugbountytips

hetmehtaa's tweet image. A bash script that will automatically install Bug Hunting tools used for recon github.com/JoyGhoshs/0ins… Linux #bugbounty #Spring4Shell #infosec #thesecureedge #cybersecurity #Java #tech #Web3 #redteam #bugbountytips
36
294
648
172
0
Gi7w0rm's profile picture. Threat Intelligence Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p 🇪🇺🇩🇪🇺🇦🌈
Gi7w0rm
 @Gi7w0rm
Apr 9, 2022

Update on the #Nginx 1.18 #0day: Around 20 minutes ago @_Blue_hornet started a Github Repo arround the exploit: github.com/AgainstTheWest… Some more hints on the Exploit: - Related to #Spring4Shell - Created by #BrazenEagle - Related to ldap-auth demon used together with #Nginx

Gi7w0rm's tweet image. Update on the #Nginx 1.18 #0day: Around 20 minutes ago @_Blue_hornet started a Github Repo arround the exploit: github.com/AgainstTheWest… Some more hints on the Exploit: - Related to #Spring4Shell - Created by #BrazenEagle - Related to ldap-auth demon used together with #Nginx
4
46
110
17
0
LetsDefendIO's profile picture. LetsDefend, now part of Hack The Box. Read more: https://t.co/jxMnGZ4Yne
LetsDefend
@LetsDefendIO
Apr 1, 2022

How to investigate #spring4shell exploit in SOC environment? linkedin.com/feed/update/ur…

LetsDefendIO's tweet image. How to investigate #spring4shell exploit in SOC environment? linkedin.com/feed/update/ur…
0
37
85
8
0
trick3st's profile picture. Visualize, operate & scale everything offensive security in one-platform.
Trickest
@trick3st
Apr 1, 2022

Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec

trick3st's tweet image. Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec
trick3st's tweet image. Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec
0
13
45
9
0
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
Apr 1, 2022

🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE

1ZRR4H's tweet image. 🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE
1ZRR4H's tweet image. 🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE
1
22
70
9
0
LetsDefendIO's profile picture. LetsDefend, now part of Hack The Box. Read more: https://t.co/jxMnGZ4Yne
LetsDefend
@LetsDefendIO
Mar 31, 2022

We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.

LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
0
13
49
4
0
MAlajab's profile picture. خبير في الامن السيبراني | Hacker | D.E.A.T.H Team ,Cyber Security Expert, APT killer, BugHunter, Researcher
مالك الدوسري/Malek Aldossary
@MAlajab
Apr 4, 2022

🛠#ادوات: اذا كنت باحث في #الامن_السيبراني وتود دراسة طريقة استغلال الثغرة الاخيرة #Spring4Shell تفضل شرح عمل lab وطريقة اختراقة. #CyberSecurity letsdefend.io/blog/how-to-bu…

MAlajab's tweet image. 🛠#ادوات: اذا كنت باحث في #الامن_السيبراني وتود دراسة طريقة استغلال الثغرة الاخيرة #Spring4Shell تفضل شرح عمل lab وطريقة اختراقة. #CyberSecurity letsdefend.io/blog/how-to-bu…
0
14
100
19
0
cyb3rops's profile picture. Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Florian Roth ⚡️
@cyb3rops
Mar 31, 2022

Local Spring Vulnerability Scanner a scanner by @_hillu that scans locally for instances vulnerable to #Spring4Shell github.com/hillu/local-sp…

cyb3rops's tweet image. Local Spring Vulnerability Scanner a scanner by @_hillu that scans locally for instances vulnerable to #Spring4Shell github.com/hillu/local-sp…
1
66
152
30
0
ducnt_'s profile picture. Just another web warrior ⚔️ Security Researcher ۞ Principal Security Engineer @Verichains ۞ Pwn2Own 2023 ۞@vnsec squad ۞ 💰https://t.co/wuyz6IfAbA ۞ nano 💻
Nguyen The Duc
 @ducnt_
Apr 3, 2022

Stable PoC for #Spring4Shell. Don't massive scan targets without knowledge about this, it can cause crash application in somehow 🙄👀 #bugbountytips #begbountytips

ducnt_'s tweet image. Stable PoC for #Spring4Shell. Don't massive scan targets without knowledge about this, it can cause crash application in somehow 🙄👀 #bugbountytips #begbountytips
5
39
152
24
0
shutingrz's profile picture. Ethical Hacker/infosec/penetration test/IoT Security/Game Security
しゅーと
 @shutingrz
Mar 31, 2022

#spring4shell "class.module.classLoader.URLs[0]=0"を用いることで、レスポンスコードから脆弱性の有無を確認可能。testは脆弱なため400。test2はPOST限定なのでGET送信の場合は405。test3はPOJOパラメータに渡されず脆弱ではないので400以外(今回は200)。※サーバ構成により使えない可能性もあり

shutingrz's tweet image. #spring4shell "class.module.classLoader.URLs[0]=0"を用いることで、レスポンスコードから脆弱性の有無を確認可能。testは脆弱なため400。test2はPOST限定なのでGET送信の場合は405。test3はPOJOパラメータに渡されず脆弱ではないので400以外(今回は200)。※サーバ構成により使えない可能性もあり
RandoriAttack's profile picture. Trusted Adversary @RandoriSecurity | Exploit Development | Offensive Operations | #InfoSec tweets only | Managed by @syndrowm @pwnpnw @aaronportnoy
Randori Attack Team
 @RandoriAttack
Mar 30, 2022

The following non-malicious request can be used to test susceptibility to the @springframework 0day RCE. An HTTP 400 return code indicates vulnerability. $ curl host:port/path?class.module.classLoader.URLs%5B0%5D=0 #SpringShell #Spring4Shell #infosec

10
198
542
122
0
1
38
96
19
0
ptracesecurity's profile picture. Empowering IT Security Professionals through Hands-On Online Courses.
Ptrace Security GmbH
 @ptracesecurity
Apr 9, 2022

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities github.com/fullhunt/sprin… #Pentesting #Spring4Shell #CyberSecurity #Infosec

ptracesecurity's tweet image. A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities github.com/fullhunt/sprin… #Pentesting #Spring4Shell #CyberSecurity #Infosec
0
46
90
10
0
BobTShoplifter's profile picture. 23 | Owner of @WebSecured Pentester And developer https://t.co/huVywplxAj rulett-nerd Security nerd, and public speaker somehow
Daniel Christensen
 @BobTShoplifter
Apr 1, 2022

To anyone wondering, I give everyone a free full licence of my #Spring4Shell logo!

BobTShoplifter's tweet image. To anyone wondering, I give everyone a free full licence of my #Spring4Shell logo!
1
0
2
0
0

Something went wrong.


Something went wrong.


United States Trends