vash

CVE-2020-2551 WebLogic RCE via IIOP protocol.pic.twitter.com/WyKVkQASiL

Do you have a wonderful #NAS #Seagate Central Storage? Yes, you have a problem: there is a RCE 0day, at the moment unpatched. Remotely Exploitable: Yes Authentication Required: NO Date of found: 19 Dec 2019 cc: @trovarsiancora https://pentest.blog/advisory-seagate-central-storage-remote-code-execution/ …pic.twitter.com/AkMERSofr4

2020-01-16 - #Lokibot #malspam and infection traffic - #pcap of the infection, the email, associated malware, and some indicators available at: https://www.malware-traffic-analysis.net/2020/01/16/index.html …pic.twitter.com/lrvEX9Qdsv

A #dridex #loader doc using pastebin for a payload: https://pastebin[.]com/raw/W14MXBp1 https://app.any.run/tasks/9fab7b74-406d-4192-b900-db1b0dceb70f … cc @VK_Intel @felixaimepic.twitter.com/aQuXfZOqwD

Do patch #CVE-2020-0601 ASAP to avoid #ChainOfFools attacks. The delicately crafted signed #ransomware with #Microsoft root certificate in our test could pass certificate verification and detection rate drops dramatically afterwards. https://www.virustotal.com/gui/file/d6ab910259c9bc68196aeec3e9ff4864bada22738c02ecf5ada7912ced292d28/detection …pic.twitter.com/D9ApXqiFZC

#CVE-2020-2551 Weblogic RCE via iiop protocol, funny bug:Dpic.twitter.com/Xv6ar3w8Gx

RCE zero-day in Seagate Central Storage NAS devices https://pentest.blog/advisory-seagate-central-storage-remote-code-execution/ …pic.twitter.com/dcRd7trUzW

Windows Defender Antivirus detects files w/crafted certificates exploiting the certificate validation vulnerability: ​Exploit:Win32/CVE-2020-0601.A (PE files) Exploit:Win32/CVE-2020-0601.B (Scripts) Also, #Microsoft Defender ATP has a threat report on your posture. #CVE-2020-0601pic.twitter.com/dFqJV5za8F

Update CVE-2019-19781 You can exploit the vulnerability without the file http://newbm.pl  and only use the file http://rmbm.pl  ! You can inject your payload inside the name of the XML file and fire the command execution ! #shitrix #citrixpic.twitter.com/g2P1GAJo1R

A group of anonymous security analysts have tracked down 13 front companies operating in the island of Hainan through which they say the Chinese state has been recruiting hackers. FireEye and Kaspersky say this is APT40. https://www.zdnet.com/article/report-chinese-hacking-group-apt40-hides-behind-network-of-front-companies/ …pic.twitter.com/8cPZpLdjfg

Pwnedbg - debugging the iOS kernel in IDA #MobileSecurity #iOSsecurity by @_akayn https://akayn.github.io/2019/09/21/debugging-the-ios-kernel-in-ida.html …pic.twitter.com/KFehPIf8la

MobSF V2.0 is released! New Dynamic Analyzer supports Android v4.1-9.0. Now you can perform instrumented security tests with ease. ZERO configuration, just run a Genymotion VM before Dynamic Analysis and that’s it. https://github.com/MobSF/Mobile-Security-Framework-MobSF … #mobsf #AndroidSecurity #MobileSecuritypic.twitter.com/bYwO63oJcE