Stefan Does

@steff0683

Working in the CISO organization of Daimler - tweets and thoughts are my own.

Schemmerberg
Vrijeme pridruživanja: srpanj 2010.
12 fotografija ili videozapisa Fotografije i videozapisi

Tweetovi

Blokirali ste korisnika/cu @steff0683

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @steff0683

  1. proslijedio/la je Tweet
    3. velj

    CVE-2020-7471: SQLI in Django: django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter. FIX:

    53 proslijeđena tweeta 124 korisnika označavaju da im se sviđa
    Poništi
  2. proslijedio/la je Tweet
    3. velj

    Holy shit. Researcher discovers that TeamViewer stores user passwords encrypted and finds the encryption key and initialization vector in the windows registry

    28 replies 422 proslijeđena tweeta 854 korisnika označavaju da im se sviđa
    Poništi
  3. proslijedio/la je Tweet
    31. sij

    'unternehmen ist Opfer eines Hacker-Angriffs geworden! Angreifer Gruppe mit dem Namen hat jahrelang deutsche Konzerne ausgespäht. Experten vermuten, dass die Angreifer eine Verbindung zur chinesischen Regierung haben

    6 replies 20 proslijeđenih tweetova 23 korisnika označavaju da im se sviđa
    Poništi
  4. proslijedio/la je Tweet
    26. sij

    I’m not sure what’s going on here, but I needed to see it! 😂

    7.313 proslijeđenih tweetova 31.485 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    26. sij

    Log Sources - ordered by priority - with ratings in different categories - personal and highly subjective assessment - from my most recent slide deck on low hanging fruits in security monitoring

    31 reply 396 proslijeđenih tweetova 981 korisnik označava da mu se sviđa
    Poništi
  6. proslijedio/la je Tweet
    26. sij

    Ladies and gentlemen, I present you a working Remote Code Execution (RCE) exploit for the Remote Desktop Gateway (CVE-2020-0609 & CVE-2020-0610). Accidentally followed a few rabbit holes but got it to work! Time to write a blog post ;) Don't forget to patch!

    47 replies 1.122 proslijeđena tweeta 3.141 korisnik označava da mu se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  7. proslijedio/la je Tweet
    21. sij

    Ep 57: MS08-067 With special guest . Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.

    27 replies 172 proslijeđena tweeta 555 korisnika označava da im se sviđa
    Poništi
  8. proslijedio/la je Tweet
    21. sij

    We released a Red Teaming book! Red Team Development and Operations. It's been a crazy project that has existed in many forms. It started as simple notes, came together as a SANS class, and will now live as a book. Read about it here.

    36 replies 255 proslijeđenih tweetova 750 korisnika označava da im se sviđa
    Poništi
  9. proslijedio/la je Tweet
    18. sij

    CVE-2020-2551 Weblogic Remote Code Execute RCE With IIOP

    55 proslijeđenih tweetova 148 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  10. proslijedio/la je Tweet
    16. sij

    Jetzt patchen! Exploit-Code für die NSA-Windows-Lücke aufgetaucht

    50 proslijeđenih tweetova 29 korisnika označava da im se sviđa
    Poništi
  11. proslijedio/la je Tweet
    15. sij

    Microsoft added Event ID 1 to the Application Log to show attempted exploitation of CVE-2020-0601 (via new CveEventWrite function). Use Splunk? Collect that EID and alert on: sourcetype=WinEventLog EventCode=1 LogName=Application Message="*[CVE-2020-0601]*" (tweak as needed)

    5 replies 201 proslijeđeni tweet 393 korisnika označavaju da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    14. sij

    I'm excited to share my post about discovering & exploiting multiple critical vulnerabilities in Cisco's DCNM. Busting Cisco's Beans :: Hardcoding Your Way to Hell PoC exploit code:

    17 replies 321 proslijeđeni tweet 583 korisnika označavaju da im se sviđa
    Poništi
  13. proslijedio/la je Tweet
    15. sij

    I'm seeing some evidence that researchers are already figuring out ways to exploit this CVE-2020-0601 flaw patched by Microsoft today. This is a serious bug for which exploitation tools will almost certainly soon be available. Please don't delay updating.

    11 replies 342 proslijeđena tweeta 458 korisnika označava da im se sviđa
    Poništi
  14. proslijedio/la je Tweet
    14. sij
    Odgovor korisnicima

    This is helpful:

    44 proslijeđena tweeta 101 korisnik označava da mu se sviđa
    Poništi
  15. proslijedio/la je Tweet
    14. sij

    My Opinion: Waiting for the disaster Eng: Ger:

    1 reply 2 proslijeđena tweeta 2 korisnika označavaju da im se sviđa
    Poništi
  16. proslijedio/la je Tweet
    14. sij

    ...and CERT's take on CVE-2020-0601: Crypt32.dll fails to validate ECC certificates in a way that properly leverages protections that ECC should provide. As a result, an attacker may be able to craft a certificate that appears to have the ability to be traced to a trusted root CA

    Odgovor korisniku/ci @briankrebs
    Here's an un-hug-of-death'd link
    86 proslijeđenih tweetova 127 korisnika označava da im se sviđa
    Poništi
  17. proslijedio/la je Tweet
    13. sij

    Sources say Microsoft on Tuesday will fix an extraordinarily scary flaw in all Windows versions, in a core cryptographic component that could be abused to spoof the source of digitally signed software. Apparently DoD & a few others got an advance patch

    55 replies 1.926 proslijeđenih tweetova 2.415 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  18. proslijedio/la je Tweet
    11. sij

    Follow this step-by-step guide to properly test for … Like a ! by

    71 proslijeđeni tweet 163 korisnika označavaju da im se sviđa
    Poništi
  19. proslijedio/la je Tweet
    12. sij

    Citrix Netscaler AMIs on default vulnerable out of the box. The root password is set to the instance ID; that can be read from the metadata URL. CVE-2019-19781 from nobody to ssh as root in seconds.

    8 replies 278 proslijeđenih tweetova 469 korisnika označava da im se sviđa
    Prikaži ovu nit
    Prikaži ovu nit
    Poništi
  20. proslijedio/la je Tweet
    12. sij

    US-gefördertes Handy kommt mit Malware aus China

    39 proslijeđenih tweetova 41 korisnik označava da mu se sviđa
    Poništi

@steff0683 još nije objavio nijedan Tweet.

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·