Microsoft Office 365 Message Encryption Insecure Mode of Operation
https://ift.tt/W5dhiVX
Submitted October 14, 2022 at 03:39PM by kekw32
via reddit https://ift.tt/0WZ7r2E
https://ift.tt/W5dhiVX
Submitted October 14, 2022 at 03:39PM by kekw32
via reddit https://ift.tt/0WZ7r2E
Withsecure
Microsoft Office 365 Message Encryption Insecure Mode of Operation
Microsoft Office 365 Message Encryption (OME) utilitises Electronic Codebook (ECB) mode of operation. This mode is insecure and leaks information about the structure of the messages sent and can lead to partial or full message disclosure.
[PDF] Security Deep-Dive Into The Internals Of NetBackup - AirbusSecLab@Hexacon
https://ift.tt/MaBhW8y
Submitted October 14, 2022 at 11:10PM by alain_proviste
via reddit https://ift.tt/wcPojsi
https://ift.tt/MaBhW8y
Submitted October 14, 2022 at 11:10PM by alain_proviste
via reddit https://ift.tt/wcPojsi
Regulator: A unique method of subdomain enumeration
https://ift.tt/30yp9og
Submitted October 16, 2022 at 11:11PM by Quick-Ingenuity-7024
via reddit https://ift.tt/c1YRigm
https://ift.tt/30yp9og
Submitted October 16, 2022 at 11:11PM by Quick-Ingenuity-7024
via reddit https://ift.tt/c1YRigm
Toner Deaf – Printing your next persistence (Hexacon 2022)
https://ift.tt/UV0DhG3
Submitted October 17, 2022 at 02:57PM by digicat
via reddit https://ift.tt/LtYwkX3
https://ift.tt/UV0DhG3
Submitted October 17, 2022 at 02:57PM by digicat
via reddit https://ift.tt/LtYwkX3
NCC Group Research Blog
Toner Deaf – Printing your next persistence (Hexacon 2022)
On Friday 14th of October 2022 Alex Plaskett (@alexjplaskett) and Cedric Halbronn (@saidelike) presented Toner Deaf – Printing your next persistence at Hexacon 2022. This talk demonstrated re…
A journey of fuzzing Nvidia graphic driver leading to LPE exploitation
https://ift.tt/eLOIvQk
Submitted October 17, 2022 at 07:08PM by jeandrew
via reddit https://ift.tt/aPeJSqz
https://ift.tt/eLOIvQk
Submitted October 17, 2022 at 07:08PM by jeandrew
via reddit https://ift.tt/aPeJSqz
9.8 Critical issue in Apache Commons Text
https://ift.tt/sAxQemn
Submitted October 17, 2022 at 11:09PM by NexusOne99
via reddit https://ift.tt/3ouvTqS
https://ift.tt/sAxQemn
Submitted October 17, 2022 at 11:09PM by NexusOne99
via reddit https://ift.tt/3ouvTqS
A Detailed Analysis of the Gafgyt Malware Targeting IoT Devices [PDF]
https://ift.tt/zMq2Fjv
Submitted October 18, 2022 at 07:54PM by CyberMasterV
via reddit https://ift.tt/GD68T4W
https://ift.tt/zMq2Fjv
Submitted October 18, 2022 at 07:54PM by CyberMasterV
via reddit https://ift.tt/GD68T4W
Security Scorecard
A Detailed Analysis Of The Gafgyt Malware Targeting IoT Devices
Recovering Web Tokens From Office
https://ift.tt/tYhXiCI
Submitted October 18, 2022 at 12:49PM by gid0rah
via reddit https://ift.tt/Q8RaZuh
https://ift.tt/tYhXiCI
Submitted October 18, 2022 at 12:49PM by gid0rah
via reddit https://ift.tt/Q8RaZuh
XPN InfoSec Blog
@_xpn_ - WAM BAM - Recovering Web Tokens From Office
This post looks at the recent trend of pulling Azure tokens from Office process memory and tries to identify just how these tokens were loaded, how Office handles a Microsoft Account (MSA), and how we can recover cached credentials from the Token Broker Cache.
CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files
https://ift.tt/Fk7zU31
Submitted October 18, 2022 at 09:19PM by SRMish3
via reddit https://ift.tt/rfSNsdR
https://ift.tt/Fk7zU31
Submitted October 18, 2022 at 09:19PM by SRMish3
via reddit https://ift.tt/rfSNsdR
GitHub
GitHub - jfrog/text4shell-tools
Contribute to jfrog/text4shell-tools development by creating an account on GitHub.
Defenders beware: A case for post-ransomware investigations
https://ift.tt/fy30vaK
Submitted October 19, 2022 at 12:49AM by SCI_Rusher
via reddit https://ift.tt/7tBXwYr
https://ift.tt/fy30vaK
Submitted October 19, 2022 at 12:49AM by SCI_Rusher
via reddit https://ift.tt/7tBXwYr
Microsoft Security Blog
Defenders beware: A case for post-ransomware investigations - Microsoft Security Blog
The Microsoft Detection and Response Team (DART) details a recent ransomware incident in which the attacker used a collection of commodity tools and techniques, such as using living-off-the-land binaries, to launch their malicious code.
Opening the doors and windows 0-click RCE on the Tesla Model3
https://ift.tt/k7j1lig
Submitted October 18, 2022 at 11:50PM by jeandrew
via reddit https://ift.tt/7bVKs1w
https://ift.tt/k7j1lig
Submitted October 18, 2022 at 11:50PM by jeandrew
via reddit https://ift.tt/7bVKs1w
Our new scanner for Text4Shell
https://ift.tt/Kbf7mtW
Submitted October 19, 2022 at 01:01AM by dn3t
via reddit https://ift.tt/EzNjkhm
https://ift.tt/Kbf7mtW
Submitted October 19, 2022 at 01:01AM by dn3t
via reddit https://ift.tt/EzNjkhm
Enrich Splunk events with Steampipe
https://ift.tt/EkgZzR8
Submitted October 19, 2022 at 01:20AM by sanitybit
via reddit https://ift.tt/kaFOfhP
https://ift.tt/EkgZzR8
Submitted October 19, 2022 at 01:20AM by sanitybit
via reddit https://ift.tt/kaFOfhP
Steampipe
Enrich Splunk events with Steampipe | Steampipe Blog
Splunk lookup tables can enrich AWS event data with IP-address/name mappings not available in CloudTrail. Here's how to build those tables with Steampipe.
Introducing fine-grained personal access tokens for GitHub
https://ift.tt/qtSl9B1
Submitted October 19, 2022 at 12:59AM by 0x414141
via reddit https://ift.tt/NT25C6a
https://ift.tt/qtSl9B1
Submitted October 19, 2022 at 12:59AM by 0x414141
via reddit https://ift.tt/NT25C6a
The GitHub Blog
Introducing fine-grained personal access tokens for GitHub | The GitHub Blog
Fine-grained personal access tokens offer enhanced security to developers and organization owners, to reduce the risk to your data of compromised tokens.
Jetstack Paranoia: A New Open Source Tool for Container Image Security
https://ift.tt/3fKQubv
Submitted October 19, 2022 at 03:00AM by sanitybit
via reddit https://ift.tt/5f1Ch9t
https://ift.tt/3fKQubv
Submitted October 19, 2022 at 03:00AM by sanitybit
via reddit https://ift.tt/5f1Ch9t
Jetstack
Announcing Jetstack Paranoia: A New Open Source Tool for Container Image Security | Jetstack Blog
We are a fast-growing Kubernetes professional services company that prides itself on helping startups and enterprises alike in their path to modern cloud-native infrastructure
PHP filters chain: What is it and how to use it - convert almost any file inclusion to RCE
https://ift.tt/I3Dve9x
Submitted October 19, 2022 at 06:27AM by Gallus
via reddit https://ift.tt/aDuyWdC
https://ift.tt/I3Dve9x
Submitted October 19, 2022 at 06:27AM by Gallus
via reddit https://ift.tt/aDuyWdC
Synacktiv
PHP filters chain: What is it and how to use it
Searching for new gadget chains to exploit deserialization vulnerabilities can be tedious.
A New Attack Surface on MS Exchange Part 4 - ProxyRelay
https://ift.tt/Lv8aRYg
Submitted October 19, 2022 at 11:37AM by CyberMasterV
via reddit https://ift.tt/l4ng0kQ
https://ift.tt/Lv8aRYg
Submitted October 19, 2022 at 11:37AM by CyberMasterV
via reddit https://ift.tt/l4ng0kQ
DEVCORE 戴夫寇爾
A New Attack Surface on MS Exchange Part 4 - ProxyRelay! | DEVCORE 戴夫寇爾
With the prior knowledge in mind, I come up with a simple idea. It’s common to see multiple Exchange Servers in corporate networks for high availability and site resilience. Can we relay the NTLM authentication among Exchange Servers?
Microsoft Office Online Server Remote Code Execution
https://ift.tt/rl1VBn8
Submitted October 19, 2022 at 02:41PM by gid0rah
via reddit https://ift.tt/NBH7PJd
https://ift.tt/rl1VBn8
Submitted October 19, 2022 at 02:41PM by gid0rah
via reddit https://ift.tt/NBH7PJd
MDSec
Microsoft Office Online Server Remote Code Execution - MDSec
Microsoft’s Office Online Server is the next generation of Office Web Apps Server; it provides a browser based viewer/editor for Word, PowerPoint, Excel and OneNote documents. The product can be...
The Danger of Falling to System Role in AWS SDK Client
https://ift.tt/vqUycYx
Submitted October 19, 2022 at 02:37PM by nibblesec
via reddit https://ift.tt/Q3G6NWf
https://ift.tt/vqUycYx
Submitted October 19, 2022 at 02:37PM by nibblesec
via reddit https://ift.tt/Q3G6NWf
Doyensec
The Danger of Falling to System Role in AWS SDK Client · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE (CVSS9.8), aka "Text4Shell"
https://ift.tt/qFWSwm7
Submitted October 19, 2022 at 02:17PM by qwerty0x41
via reddit https://ift.tt/JLUjfln
https://ift.tt/qFWSwm7
Submitted October 19, 2022 at 02:17PM by qwerty0x41
via reddit https://ift.tt/JLUjfln
Azure function to insert MISP data into Azure Sentinel
https://ift.tt/2kQ85Gh
Submitted October 19, 2022 at 02:00PM by wez32
via reddit https://ift.tt/AwjXUO5
https://ift.tt/2kQ85Gh
Submitted October 19, 2022 at 02:00PM by wez32
via reddit https://ift.tt/AwjXUO5
GitHub
GitHub - zolderio/misp-to-sentinel: Azure function to insert MISP data in to Azure Sentinel
Azure function to insert MISP data in to Azure Sentinel - GitHub - zolderio/misp-to-sentinel: Azure function to insert MISP data in to Azure Sentinel