繁體中文
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#spring4shell 搜尋結果

HaboubiAnis's profile picture. Cyber Threat Intelligence Analyst | Decentralized Autonomous Financial Resistant | #bitcoin #ordinals #defi
Anis Haboubi |₿|
 @HaboubiAnis
2022年4月11日

Je dis ca je dis rien :-) mais je trouve pratique que pour les #Election2022 le logiciel utilisé par @IfopOpinion a une vulnérabilité critique #spring4shell CVE-2022-22965 ; Bonne élection et transpanre mes amis français ; #cyberwar

HaboubiAnis's tweet image. Je dis ca je dis rien :-) mais je trouve pratique que pour les #Election2022 le logiciel utilisé par @IfopOpinion a une vulnérabilité critique #spring4shell CVE-2022-22965 ; Bonne élection et transpanre mes amis français ; #cyberwar
4
49
77
6
0
foojayio's profile picture. https://t.co/79DlsBV1yM: a place for friends of OpenJDK (https://t.co/bm1vJXRJlN)! Twitter handle run by @geertjanw, @ypoirier, @bazlur_rahman, @tobiasbriones_!
Foojay.io
 @foojayio
2024年9月19日

The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip

foojayio's tweet image. The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip
0
2
7
0
2千
GOTOcon's profile picture. #GOTO Presents the Brightest Minds in Tech. Check out GOTO Conferences. Join us on the other side: https://t.co/BPo8tCStDc
GOTO
 @GOTOcon
2023年9月28日

#Log4Shell & #Spring4Shell proved that we need to keep our dependencies up-to-date From package managers to bots that can create changes on repositories, there are many tools. At #GOTOcph @MaritvanDijk77 will talk about keeping your dependencies in check gotocph.com/2023

0
1
3
1
692
TenableSecurity's profile picture. Welcome to Tenable. Your exposure ends here. Cloud Exposure | Vulnerability Exposure | OT Exposure | Identity Exposure
Tenable
 @TenableSecurity
2023年3月31日

💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.

TenableSecurity's tweet image. 💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.
1
3
2
0
1千
Dynatrace's profile picture. Dynatrace is the leading AI-powered observability platform that enables you to transform complexity into your greatest asset and drive your business forward.
Dynatrace
 @Dynatrace
2022年4月15日

To illustrate why #Spring4Shell is such a critical vulnerability, it helps to understand how Spring works. Stefan Achleitner explains & highlights how #Dynatrace Application Security enables automatic real-time protection to block these types of attacks. dynatr.ac/3OinDBs

Dynatrace's tweet image. To illustrate why #Spring4Shell is such a critical vulnerability, it helps to understand how Spring works. Stefan Achleitner explains & highlights how #Dynatrace Application Security enables automatic real-time protection to block these types of attacks. dynatr.ac/3OinDBs
0
1
2
0
0
ptracesecurity's profile picture. Empowering IT Security Professionals through Hands-On Online Courses.
Ptrace Security GmbH
 @ptracesecurity
2022年4月26日

Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec

ptracesecurity's tweet image. Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec
ptracesecurity's tweet image. Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities kitploit.com/2022/04/spring… #Pentesting #Spring4Shell #CyberSecurity #Infosec
1
30
77
11
0
CheckPointSW's profile picture. You deserve the best security. Get the protection you need against AI-driven cyber attacks.
Check Point Software
@CheckPointSW
2022年5月5日

Zero Day attacks aren’t going anywhere. What facts do you need to know about #log4j and #Spring4Shell? Find out, here: bit.ly/3KONBJH #cybersecurity

CheckPointSW's tweet image. Zero Day attacks aren’t going anywhere. What facts do you need to know about #log4j and #Spring4Shell? Find out, here: bit.ly/3KONBJH #cybersecurity
0
10
7
0
0
securityblvd's profile picture. The primary destination for leading cybersecurity news and discourse. Powered by @TechstrongGroup.
Security Boulevard
@securityblvd
2023年1月3日

#1) New #Spring4Shell Zero-Day Vulnerability Confirmed. Here’s the latest in our series of #TheBestof2022. Our top story for 2022! ❗️ bit.ly/3jqp5GS

securityblvd's tweet image. #1) New #Spring4Shell Zero-Day Vulnerability Confirmed. Here’s the latest in our series of #TheBestof2022. Our top story for 2022! ❗️ bit.ly/3jqp5GS
0
1
2
0
172
TWiT's profile picture. Looking for the latest in Tech? Follow @TWiT - Tech podcasts with @leolaporte, @mikahsargent, and friends. Get extras at https://t.co/vJKBWWeYmx
TWiT Tech Podcasts
@TWiT
2022年4月13日

Join @SGgrc & @leolaporte for a breakdown of Microsoft’s new #Autopatch system, the #Spring4Shell vulnerability, and the 0-Day in NGINX - “the Internet’s most used webserver platform!”  Hear the latest #cybersecurity news and subscribe on @pocketcasts twit.tv/sn854

TWiT's tweet image. Join @SGgrc & @leolaporte for a breakdown of Microsoft’s new #Autopatch system, the #Spring4Shell vulnerability, and the 0-Day in NGINX - “the Internet’s most used webserver platform!”  Hear the latest #cybersecurity news and subscribe on @pocketcasts twit.tv/sn854
0
6
96
0
0
BlackDuck_SW's profile picture. True Scale Application Security — Uncompromised trust in software for the regulated, AI-powered world
Black Duck
@BlackDuck_SW
2022年5月18日

The #Spring4Shell vulnerability targets a ubiquitous language & framework, taking aim at a large tech footprint. Read today's blog for insights into our exploit development and&testing process for this Zero-Day Remote Code Execution (RCE) vuln: bit.ly/3NiJIyg

BlackDuck_SW's tweet image. The #Spring4Shell vulnerability targets a ubiquitous language & framework, taking aim at a large tech footprint. Read today's blog for insights into our exploit development and&testing process for this Zero-Day Remote Code Execution (RCE) vuln: bit.ly/3NiJIyg
0
2
2
0
0
F5's profile picture. We deliver and secure every app.
F5
 @F5
2022年4月26日

The raft of vulnerabilities in the Spring framework may sound a lot like Log4Shell, but there are significant differences that affect how you should respond. Learn more: go.f5.net/7xj5je #Spring4Shell

F5's tweet image. The raft of vulnerabilities in the Spring framework may sound a lot like Log4Shell, but there are significant differences that affect how you should respond. Learn more: go.f5.net/7xj5je #Spring4Shell
0
2
0
0
0
TrendMicro's profile picture. Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information across enterprises, governments, and consumers.
Trend Micro
 @TrendMicro
2022年5月4日

Our blog entry looks at the technical details behind attempts to exploit the #Spring4Shell vulnerability, including how they create web shells to deploy cryptocurrency miners. More details in our post: research.trendmicro.com/3L6Y0S6

TrendMicro's tweet image. Our blog entry looks at the technical details behind attempts to exploit the #Spring4Shell vulnerability, including how they create web shells to deploy cryptocurrency miners. More details in our post: research.trendmicro.com/3L6Y0S6
0
0
5
0
0
JensGleichmann's profile picture. Managing Director@XLC, SAP HANA expert 10+ years, SAP expert 15+ years, SAP blog writer, SAP Champion, SAP Stammtisch Orga - Views expressed are my own
Jens Gleichmann
 @JensGleichmann
2022年4月6日

A new security vulnerability CVE-2022-22965 aka #Spring4shell currently rated as critical is out since end of march. It affects the Java Spring Framework. Check if your #SAP app is affected: launchpad.support.sap.com/#/solutions/no… Details: sysdig.com/blog/cve-2022-… tarlogic.com/blog/spring4sh…

JensGleichmann's tweet image. A new security vulnerability CVE-2022-22965 aka #Spring4shell currently rated as critical is out since end of march. It affects the Java Spring Framework. Check if your #SAP app is affected: launchpad.support.sap.com/#/solutions/no… Details: sysdig.com/blog/cve-2022-… tarlogic.com/blog/spring4sh…
JensGleichmann's tweet image. A new security vulnerability CVE-2022-22965 aka #Spring4shell currently rated as critical is out since end of march. It affects the Java Spring Framework. Check if your #SAP app is affected: launchpad.support.sap.com/#/solutions/no… Details: sysdig.com/blog/cve-2022-… tarlogic.com/blog/spring4sh…
JensGleichmann's tweet image. A new security vulnerability CVE-2022-22965 aka #Spring4shell currently rated as critical is out since end of march. It affects the Java Spring Framework. Check if your #SAP app is affected: launchpad.support.sap.com/#/solutions/no… Details: sysdig.com/blog/cve-2022-… tarlogic.com/blog/spring4sh…
1
5
10
0
0
LumITCyberSec's profile picture. 🛡️ Rendiamo più sicuro il tuo lavoro con la nostra esperienza in ambito Cyber Security.
LumIT - System Integrator
 @LumITCyberSec
2022年4月26日

Proprio quando pensavamo che fosse sicuro tornare allo sviluppo di applicazioni dopo Log4j e gli attacchi Log4Shell, ecco che arriva Spring4Shell. Scopri come mitigare le nuove minacce con @F5 👉 bit.ly/LumIT-Spring4S… #CyberSecurity #Spring4Shell

LumITCyberSec's tweet image. Proprio quando pensavamo che fosse sicuro tornare allo sviluppo di applicazioni dopo Log4j e gli attacchi Log4Shell, ecco che arriva Spring4Shell. Scopri come mitigare le nuove minacce con @F5 👉 bit.ly/LumIT-Spring4S… #CyberSecurity #Spring4Shell
0
2
5
0
0
Sn0wF0x1337's profile picture. We exist without skin color, without nationality, without religious bias... and you call us criminals. HACK THE PLANET! Auth/DHD Non Binary
Sn0wF0x
 @Sn0wF0x1337
2022年9月18日

Spring4Shell: CVE-2022-22965 - I have just completed this room! Check it out: tryhackme.com/room/spring4sh… #tryhackme #spring4shell #vulnerability #RCE #Java #Spring#Beginner #MuirlandOracle via @realtryhackme

Sn0wF0x1337's tweet image. Spring4Shell: CVE-2022-22965 - I have just completed this room! Check it out: tryhackme.com/room/spring4sh… #tryhackme #spring4shell #vulnerability #RCE #Java #Spring#Beginner #MuirlandOracle via @realtryhackme
1
0
10
0
0
BlackBerry's profile picture. BlackBerry provides enterprises and governments the intelligent software and services to power the world around us.
BlackBerry
@BlackBerry
2022年4月9日

Spring has sprung — new #cyberthreats that is. 🐚 The new #Spring4Shell vulnerability could allow intruders to wreak havoc in your environment. Get details on this threat, including how to know if you're at risk, and if your are, how to patch it: blck.by/3753sG2

0
3
23
0
0
sonatype's profile picture. Develop software fearlessly.
Sonatype
@sonatype
2022年7月14日

You might think the the danger of #Spring4Shell is long gone - but are you still vulnerable? 👀 Here's everything you need to know and more - straight from the experts on "Wicked Good Development" 👻 🎧 bit.ly/3DG8LYD

0
0
3
0
0
SecurityTube's profile picture. We help professionals acquire the skills, knowledge and certificates by teaching defense through offense to advance their careers in cybersecurity.
Pentester Academy
 @SecurityTube
年8月6日

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4olMqq6

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

來源: ine.com
1
2
9
2
951
ine's profile picture. The premier provider of technical training for the #IT Industry. 💻 #infosec #cybersecurity #cloud #datascience #networking
INE
 @ine
年8月6日

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m0d7z5

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

來源: ine.com
1
0
3
1
599
INEsecurity's profile picture. Revolutionizing the way the world gains #ITSecurity skills. Part of the @INE family
INE Security (FKA eLearnSecurity)
 @INEsecurity
年8月6日

🧵 #Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Includes technical deep dive, impact analysis, and actionable mitigation strategies. bit.ly/4m4S0eY

ine.com

Lab Walkthrough: Exploiting Spring4Shell (C…

Learn about the impact of Spring4Shell CVE-2022-22965 on enterprises. Walkthrough a hands on lab demo for exploiting an enterprise web applicati…

來源: ine.com
1
0
0
1
510
PKMB_BlueSec's profile picture. Aspiring SOC Analyst | Cyber Threat Defender | Cloud Security | #BlueTeam Enthusiast | Azure Fundamentals Certified | Pursuing Security+ and Splunk Certs
Paa Kweku | SOC Analyst (Blue Team)
 @PKMB_BlueSec
年3月15日

Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell

PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
PKMB_BlueSec's tweet image. Detected & mitigated an active Spring4Shell (CVE-2022-22965) exploitation on a network. Attackers attempted RCE via malicious HTTP POST requests. Mitigation in place, monitoring ongoing. Thanks to Telstra's simulation on Forage for the insights! 🔒 #CyberSecurity #Spring4Shell
1
0
2
0
122
ine's profile picture. The premier provider of technical training for the #IT Industry. 💻 #infosec #cybersecurity #cloud #datascience #networking
INE
 @ine
年2月6日

🧵 New Blog: Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Must-read for #Java devs & #AppSec teams bit.ly/3Cr020l #Spring4Shell #InfoSec

ine.com

Lab Walkthrough - Exploiting Spring4Shell (…

In this article, we will learn to exploit the Spring4Shell vulnerability in a realistic environment and gain code execution on the target server!

來源: ine.com
0
1
5
0
599
SecurityTube's profile picture. We help professionals acquire the skills, knowledge and certificates by teaching defense through offense to advance their careers in cybersecurity.
Pentester Academy
 @SecurityTube
年2月6日

🧵 New Blog: Spring4Shell Vulnerability Explained Learn how a Java 9 architectural change led to a critical RCE vulnerability affecting millions of Spring applications. Must-read for #Java devs & #AppSec teams bit.ly/412naeQ #Spring4Shell #InfoSec

ine.com

Lab Walkthrough - Exploiting Spring4Shell (…

In this article, we will learn to exploit the Spring4Shell vulnerability in a realistic environment and gain code execution on the target server!

來源: ine.com
0
3
8
0
1千
foojayio's profile picture. https://t.co/79DlsBV1yM: a place for friends of OpenJDK (https://t.co/bm1vJXRJlN)! Twitter handle run by @geertjanw, @ypoirier, @bazlur_rahman, @tobiasbriones_!
Foojay.io
 @foojayio
2024年9月19日

The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip

foojayio's tweet image. The persistent threat -- why major vulnerabilities like #Log4Shell and #Spring4Shell remain significant and super dangerous, by @brianverm @snyksec, #Java and beyond: foojay.io/today/the-pers… #foojaytip
0
2
7
0
2千
Doukkan1Mohamed's profile picture. To my unicorn :) 🦄
Mohamed Doukkani 穆罕默德
 @Doukkan1Mohamed
2024年8月19日

💥 Stay safe out there, coders! And remember, just because it’s called "Spring" doesn’t mean it’s all sunshine and rainbows! 🌈☀️ #Spring4Shell #CVE202222965 #DevSecurity #StayUpdated

0
0
0
0
16
Doukkan1Mohamed's profile picture. To my unicorn :) 🦄
Mohamed Doukkani 穆罕默德
 @Doukkan1Mohamed
2024年8月19日

🚨 Breaking News for Devs and Security Pros! 🚨 Ever heard of Spring4Shell? No, it’s not a new flavor of ice cream, but it sure is chilling! 🍦❄️ Let’s dive into what this bug is and why it matters! 🧵👇 #CyberSecurity #Spring4Shell #DevLife

Doukkan1Mohamed's tweet image. 🚨 Breaking News for Devs and Security Pros! 🚨 Ever heard of Spring4Shell? No, it’s not a new flavor of ice cream, but it sure is chilling! 🍦❄️ Let’s dive into what this bug is and why it matters! 🧵👇 #CyberSecurity #Spring4Shell #DevLife
1
0
0
0
41
asecengineer's profile picture. A Security Engineer, ScanDog’s founder.
𝙰𝚕𝚒
 @asecengineer
2024年4月10日

#Spring4Shell, or the #XZBackdoor, prompting us to wonder if we could be the next target. During this session, we will explore establishing a secure software development ecosystem to mitigate these security risks.

0
0
0
0
134
GOTOcon's profile picture. #GOTO Presents the Brightest Minds in Tech. Check out GOTO Conferences. Join us on the other side: https://t.co/BPo8tCStDc
GOTO
 @GOTOcon
2023年9月28日

#Log4Shell & #Spring4Shell proved that we need to keep our dependencies up-to-date From package managers to bots that can create changes on repositories, there are many tools. At #GOTOcph @MaritvanDijk77 will talk about keeping your dependencies in check gotocph.com/2023

0
1
3
1
692
securityiops's profile picture.
Michael Smith
 @securityiops
2023年9月16日

Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell

securityiops's tweet image. Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell
securityiops's tweet image. Spring Cloud Function HTTP POST detected attempting to exploit a RCE vulnerability (CVE-2022-22963) #Honeypot Run of the mill #cyrptojacking #spring4shell
0
0
1
0
165
Mend_io's profile picture. The #AppSec provider of choice for six out of 10 of the world’s most demanding software developers.
Mend.io
@Mend_io
2023年4月7日

On March 31, 2022, #Spring4Shell was announced. For some organizations, it was a real emergency. Thanks to Mend Renovate, @MSCI_Inc addressed the vulnerability in just a few hours. Here’s their full story ➡️ go.mend.io/403ojjo #MendIt #MendTogether #MendCODEfidence

Mend_io's tweet image. On March 31, 2022, #Spring4Shell was announced. For some organizations, it was a real emergency. Thanks to Mend Renovate, @MSCI_Inc addressed the vulnerability in just a few hours. Here’s their full story ➡️ go.mend.io/403ojjo #MendIt #MendTogether #MendCODEfidence
0
9
0
0
179
TenableSecurity's profile picture. Welcome to Tenable. Your exposure ends here. Cloud Exposure | Vulnerability Exposure | OT Exposure | Identity Exposure
Tenable
 @TenableSecurity
2023年3月31日

💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.

TenableSecurity's tweet image. 💡 Remember #Spring4Shell - when an attacker could exploit Spring4Shell by sending a specially crafted request to a vulnerable server.
1
3
2
0
1千
未找到 "#spring4shell" 的結果
Gi7w0rm's profile picture. Threat Intelligence Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p 🇪🇺🇩🇪🇺🇦🌈
Gi7w0rm
 @Gi7w0rm
2022年4月9日

Update on the #Nginx 1.18 #0day: Around 20 minutes ago @_Blue_hornet started a Github Repo arround the exploit: github.com/AgainstTheWest… Some more hints on the Exploit: - Related to #Spring4Shell - Created by #BrazenEagle - Related to ldap-auth demon used together with #Nginx

Gi7w0rm's tweet image. Update on the #Nginx 1.18 #0day: Around 20 minutes ago @_Blue_hornet started a Github Repo arround the exploit: github.com/AgainstTheWest… Some more hints on the Exploit: - Related to #Spring4Shell - Created by #BrazenEagle - Related to ldap-auth demon used together with #Nginx
4
46
110
17
0
hetmehtaa's profile picture. Security Analyst | Content Creator | I Spread Cybersecurity News & Talk about AI, Cloud, Tech, Tools & Recent Updates
Het Mehta
@hetmehtaa
2022年4月6日

A bash script that will automatically install Bug Hunting tools used for recon github.com/JoyGhoshs/0ins… Linux #bugbounty #Spring4Shell #infosec #thesecureedge #cybersecurity #Java #tech #Web3 #redteam #bugbountytips

hetmehtaa's tweet image. A bash script that will automatically install Bug Hunting tools used for recon github.com/JoyGhoshs/0ins… Linux #bugbounty #Spring4Shell #infosec #thesecureedge #cybersecurity #Java #tech #Web3 #redteam #bugbountytips
36
294
648
172
0
LetsDefendIO's profile picture. LetsDefend, now part of Hack The Box. Read more: https://t.co/jxMnGZ4Yne
LetsDefend
@LetsDefendIO
2022年4月1日

How to investigate #spring4shell exploit in SOC environment? linkedin.com/feed/update/ur…

LetsDefendIO's tweet image. How to investigate #spring4shell exploit in SOC environment? linkedin.com/feed/update/ur…
0
37
84
8
0
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
2022年4月1日

🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE

1ZRR4H's tweet image. 🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE
1ZRR4H's tweet image. 🔺 En progreso: explotación masiva de #Spring4Shell (CVE-2022-22965) para instalación de backdoor en forma de #Webshell. IPs atacantes: 172.93.189.42 🇭🇰 Luego desde la misma IP realizan 1 requerimiento HTTP a la URL final de la Webshell para verificar estado. #0day #RCE
1
22
70
9
0
LetsDefendIO's profile picture. LetsDefend, now part of Hack The Box. Read more: https://t.co/jxMnGZ4Yne
LetsDefend
@LetsDefendIO
2022年3月31日

We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.

LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
LetsDefendIO's tweet image. We created #Spring4Shell SIEM alert on LetsDefend, you can investigate it as an Incident Responder right now.
0
13
48
4
0
ducnt_'s profile picture. Just another web warrior ⚔️ Security Researcher ۞ Principal Security Engineer @Verichains ۞ Pwn2Own 2023 ۞@vnsec squad ۞ 💰https://t.co/wuyz6IfAbA ۞ nano 💻
Nguyen The Duc
 @ducnt_
2022年4月3日

Stable PoC for #Spring4Shell. Don't massive scan targets without knowledge about this, it can cause crash application in somehow 🙄👀 #bugbountytips #begbountytips

ducnt_'s tweet image. Stable PoC for #Spring4Shell. Don't massive scan targets without knowledge about this, it can cause crash application in somehow 🙄👀 #bugbountytips #begbountytips
5
39
152
24
0
MAlajab's profile picture. خبير في الامن السيبراني | Hacker | D.E.A.T.H Team ,Cyber Security Expert, APT killer, BugHunter, Researcher
مالك الدوسري/Malek Aldossary
@MAlajab
2022年4月4日

🛠#ادوات: اذا كنت باحث في #الامن_السيبراني وتود دراسة طريقة استغلال الثغرة الاخيرة #Spring4Shell تفضل شرح عمل lab وطريقة اختراقة. #CyberSecurity letsdefend.io/blog/how-to-bu…

MAlajab's tweet image. 🛠#ادوات: اذا كنت باحث في #الامن_السيبراني وتود دراسة طريقة استغلال الثغرة الاخيرة #Spring4Shell تفضل شرح عمل lab وطريقة اختراقة. #CyberSecurity letsdefend.io/blog/how-to-bu…
0
14
100
19
0
trick3st's profile picture. Visualize, operate & scale everything offensive security in one-platform.
Trickest
@trick3st
2022年4月1日

Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec

trick3st's tweet image. Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec
trick3st's tweet image. Build and customize your own CVE-2022-22963 & CVE-2022-22965 𝙬𝙤𝙧𝙠𝙛𝙡𝙤𝙬 with Trickest #Spring4Shell #CVE #zeroday #infosec
0
13
45
9
0
shutingrz's profile picture. Ethical Hacker/infosec/penetration test/IoT Security/Game Security
しゅーと
 @shutingrz
2022年3月31日

#spring4shell "class.module.classLoader.URLs[0]=0"を用いることで、レスポンスコードから脆弱性の有無を確認可能。testは脆弱なため400。test2はPOST限定なのでGET送信の場合は405。test3はPOJOパラメータに渡されず脆弱ではないので400以外(今回は200)。※サーバ構成により使えない可能性もあり

shutingrz's tweet image. #spring4shell "class.module.classLoader.URLs[0]=0"を用いることで、レスポンスコードから脆弱性の有無を確認可能。testは脆弱なため400。test2はPOST限定なのでGET送信の場合は405。test3はPOJOパラメータに渡されず脆弱ではないので400以外(今回は200)。※サーバ構成により使えない可能性もあり
RandoriAttack's profile picture. Trusted Adversary @RandoriSecurity | Exploit Development | Offensive Operations | #InfoSec tweets only | Managed by @syndrowm @pwnpnw @aaronportnoy
Randori Attack Team
 @RandoriAttack
2022年3月30日

The following non-malicious request can be used to test susceptibility to the @springframework 0day RCE. An HTTP 400 return code indicates vulnerability. $ curl host:port/path?class.module.classLoader.URLs%5B0%5D=0 #SpringShell #Spring4Shell #infosec

10
198
542
122
0
1
38
96
19
0
cyb3rops's profile picture. Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Florian Roth ⚡️
@cyb3rops
2022年3月31日

Local Spring Vulnerability Scanner a scanner by @_hillu that scans locally for instances vulnerable to #Spring4Shell github.com/hillu/local-sp…

cyb3rops's tweet image. Local Spring Vulnerability Scanner a scanner by @_hillu that scans locally for instances vulnerable to #Spring4Shell github.com/hillu/local-sp…
1
66
152
30
0
BobTShoplifter's profile picture. 23 | Owner of @WebSecured Pentester And developer https://t.co/huVywplxAj rulett-nerd Security nerd, and public speaker somehow
Daniel Christensen
 @BobTShoplifter
2022年4月1日

To anyone wondering, I give everyone a free full licence of my #Spring4Shell logo!

BobTShoplifter's tweet image. To anyone wondering, I give everyone a free full licence of my #Spring4Shell logo!
1
0
2
0
0
ptracesecurity's profile picture. Empowering IT Security Professionals through Hands-On Online Courses.
Ptrace Security GmbH
 @ptracesecurity
2022年4月9日

A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities github.com/fullhunt/sprin… #Pentesting #Spring4Shell #CyberSecurity #Infosec

ptracesecurity's tweet image. A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities github.com/fullhunt/sprin… #Pentesting #Spring4Shell #CyberSecurity #Infosec
0
46
90
10
0

Something went wrong.


Something went wrong.


United States Trends