CVE-2017-8464 is one more reason to block outbound SMB traffic. But if you haven't by now, I question what it'd takehttps://www.kb.cert.org/vuls/id/824672
-
-
...and don't forget that even when SMB is blocked at your egress, WebDAV (think SMB over HTTP) still allows exploitation! thx
@yorickkoster -
This Tweet is unavailable.
- 1 more reply
New conversation -
-
-
Dont forget template injection attacks
-
http://blog.talosintelligence.com/2017/07/template-injection.html … ? And if so, the SMB issue is MUCH worse than what's outlined here. Requiring user to open a DOC is amateur hour. :)
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.