Business-focused OSINT with Netlas.io 🔎
Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!
👉 Read here: https://nt.ls/osint
Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!
👉 Read here: https://nt.ls/osint
Medium
Netlas.io – Medium
Read writing from Netlas.io on Medium. Discover, research and monitor any assets available online. Every day, Netlas.io and thousands of other voices read, write, and share important stories on Medium.
👾5🔥3👀1
Good news 🔥
Yesterday we fixed three bugs in subnoscription system that were discovered during the penetration testing.
Now Netlas has become even safer!
👉🏻 Changelog: https://docs.netlas.io/changelog/
Yesterday we fixed three bugs in subnoscription system that were discovered during the penetration testing.
Now Netlas has become even safer!
👉🏻 Changelog: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
👾5👍2
New vulnerability in CrushFTP, "serious" rating 🔥
The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already been used in real attacks!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/5fGPm
👉🏻 Dork: http.headers.server:"CrushFTP"
Vendor's advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already been used in real attacks!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/5fGPm
👉🏻 Dork: http.headers.server:"CrushFTP"
Vendor's advisory: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update
👍5👾4🔥3💋1
CVE-2024-20356: Command Injection in Cisco Integrated Management Controller, 8.7 rating 🔥
The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/WixwE
👉🏻 Dork: http.noscript:"Cisco Integrated Management Controller"
Read more: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/
The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/WixwE
👉🏻 Dork: http.noscript:"Cisco Integrated Management Controller"
Read more: https://labs.nettitude.com/blog/cve-2024-20356-jailbreaking-a-cisco-appliance-to-run-doom/
🔥4😁4👾4💋1
pfSense-SA-24_04: XSS in pfSense Plus and pfSense CE❗
A vulnerability was discovered in the jquery-treegrid library that could cause arbitrary JavaScript code to be executed in the user's browser.
According to the vendor's advisory, the library is used for testing only and can be safely disabled.
Search at Netlas.io:
👉 Link: https://nt.ls/E5AZ1
👉 Dork: http.noscript:"pfSense - Login" OR http.noscript:"pfSense Plus"
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-24_04.webgui.asc
A vulnerability was discovered in the jquery-treegrid library that could cause arbitrary JavaScript code to be executed in the user's browser.
According to the vendor's advisory, the library is used for testing only and can be safely disabled.
Search at Netlas.io:
👉 Link: https://nt.ls/E5AZ1
👉 Dork: http.noscript:"pfSense - Login" OR http.noscript:"pfSense Plus"
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-24_04.webgui.asc
👍4👾4🔥2💋1
🚀 Webinar by Our Partners: The Art and Science of C2: Veni, non vidi, non vici?
This May 7th, join our partners as they demonstrate detecting and analyzing C2 servers with Netlas. Expert insights and real-time demonstrations await!
👉 See it live on LinkedIn!
https://www.linkedin.com/events/7191004213999542272/
This May 7th, join our partners as they demonstrate detecting and analyzing C2 servers with Netlas. Expert insights and real-time demonstrations await!
👉 See it live on LinkedIn!
https://www.linkedin.com/events/7191004213999542272/
Linkedin
The Art and Science of C2: Veni, non vidi, non vici? | LinkedIn
🚀 Join us for an in-depth exploration of Command and Control (C2) servers in our webinar:
"The Art and Science of C2: Veni, non vidi, non vici? ".
🤿 Dive into the deep water of C2 infrastructure, understanding its role in cyber attacks, and how to combat…
"The Art and Science of C2: Veni, non vidi, non vici? ".
🤿 Dive into the deep water of C2 infrastructure, understanding its role in cyber attacks, and how to combat…
👍2👾2👏1
CVE-2024-26304, -26305, -33511, -33512 and other: Multiple vulnerabilities in ArubaOS, 5.3 - 9.8 rating 🔥🔥🔥
More recently disclosed vulnerabilities allow an unauthenticated attacker to perform RCE via a buffer overflow and cause a denial of service.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/myG4Y
👉🏻 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt
More recently disclosed vulnerabilities allow an unauthenticated attacker to perform RCE via a buffer overflow and cause a denial of service.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/myG4Y
👉🏻 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt
🔥4👾4
CVE-2023-49606: RCE in Tinyproxy 1.10.0, 1.11.1, 9.8 rating 🔥
A use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.
Search at Netlas.io:
👉 Link: https://nt.ls/vWqHD
👉 Dork: http.headers.server:"tinyproxy/1.11.1" OR http.headers.server:"tinyproxy/1.10.0"
Read more: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
A use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.
Search at Netlas.io:
👉 Link: https://nt.ls/vWqHD
👉 Dork: http.headers.server:"tinyproxy/1.11.1" OR http.headers.server:"tinyproxy/1.10.0"
Read more: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889
👍5👾3🔥1
CVE-2024-26026, -21793: Two injections in F5 Big IP, 7.5 rating❗️
SQL injection and OData injection allow an unauthenticated attacker to conduct a remote attack and gain access to sensitive information.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ptJHt
👉🏻 Dork: http.headers.server:"BigIP"
You can also use the "f5_bigip" tag to get more results.
Read more: https://www.tenable.com/blog/cve-2024-21793-cve-2024-26026-proof-of-concept-available-for-f5-big-ip-next-central-manager
SQL injection and OData injection allow an unauthenticated attacker to conduct a remote attack and gain access to sensitive information.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ptJHt
👉🏻 Dork: http.headers.server:"BigIP"
You can also use the "f5_bigip" tag to get more results.
Read more: https://www.tenable.com/blog/cve-2024-21793-cve-2024-26026-proof-of-concept-available-for-f5-big-ip-next-central-manager
👾5🔥3👍2
CVE-2024-29895, -25641, -31445, -31459: Multiple vulns in Cacti, 8.8 - 10.0 rating 🔥🔥🔥
Four new vulnerabilities in Cacti, including SQL injection, RCE, arbitrary file write. So, why are CVEs always so diverse for this product? 🧐
Search at Netlas.io:
👉🏻 Link: https://nt.ls/dxZnI
👉🏻 Dork: http.noscript:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Read more: https://thehackernews.com/2024/05/critical-flaws-in-cacti-framework-could.html
Four new vulnerabilities in Cacti, including SQL injection, RCE, arbitrary file write. So, why are CVEs always so diverse for this product? 🧐
Search at Netlas.io:
👉🏻 Link: https://nt.ls/dxZnI
👉🏻 Dork: http.noscript:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Read more: https://thehackernews.com/2024/05/critical-flaws-in-cacti-framework-could.html
👾4👍3🔥3
🚀 Netlas Python SDK v.0.5 is now available. We've made key updates for enhanced compatibility and improved downolading features.
🔧 To upgrade, run:
📈 Check out the full changelog for more details: https://docs.netlas.io/changelog/
🔧 To upgrade, run:
pip install --upgrade netlas
📈 Check out the full changelog for more details: https://docs.netlas.io/changelog/
👾5👍3❤1🔥1
🔥 Netlas 0.24.0 update is here! 🔥
The update brought new information to Netlas' IP/Domain info tool - Reputation Score. Thanks to our collaboration with RST Cloud, information about the Indicators of Compromise of some hosts has become available to users right inside the web application!
Minor features:
🐛 Fixed one favicon search bug,
📑 Update for Datastore API endpoint,
🖥 Some improvements in UI,
and others.
👉🏻 Try it now: https://app.netlas.io/host/
👉🏻 Read more: https://nt.ls/iocs
The update brought new information to Netlas' IP/Domain info tool - Reputation Score. Thanks to our collaboration with RST Cloud, information about the Indicators of Compromise of some hosts has become available to users right inside the web application!
Minor features:
🐛 Fixed one favicon search bug,
📑 Update for Datastore API endpoint,
🖥 Some improvements in UI,
and others.
👉🏻 Try it now: https://app.netlas.io/host/
👉🏻 Read more: https://nt.ls/iocs
🔥4👾4🎉2👍1
CVE-2024-4835, -2874 and other: Multiple vulns in GitLab, 4.3 - 8.0 rating❗️
New set of vulnerabilities for GitLab for every taste. Account takeover, CSRF, DoS, and more.
Search at Netlas.io:
👉 Link: https://nt.ls/xmir8
👉 Dork: http.meta:"Gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/05/22/patch-release-gitlab-17-0-1-released/
New set of vulnerabilities for GitLab for every taste. Account takeover, CSRF, DoS, and more.
Search at Netlas.io:
👉 Link: https://nt.ls/xmir8
👉 Dork: http.meta:"Gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2024/05/22/patch-release-gitlab-17-0-1-released/
👾5👍2🔥2
Create a company technological profile in one click 🔥
In a new article on our Medium we will tell you how to complete your company research using Netlas.io.
This time we will find the services used, information about providers and much more 🔍
👉🏻 Read now: https://blog.netlas.io/building-tech-profile-of-a-company-f2145dedad31
In a new article on our Medium we will tell you how to complete your company research using Netlas.io.
This time we will find the services used, information about providers and much more 🔍
👉🏻 Read now: https://blog.netlas.io/building-tech-profile-of-a-company-f2145dedad31
Medium
Netlas.io – Medium
Read writing from Netlas.io on Medium. Discover, research and monitor any assets available online. Every day, Netlas.io and thousands of other voices read, write, and share important stories on Medium.
🔥5👾3👌1
CVE-2024-24919: Exposure of Sensitive Information in Check Point 🔥
A vulnerability that has been on everyone's lips in recent days. Allows an unauthenticated attacker to gain access to sensitive information.
Search at Netlas.io:
👉 Link (tag, more results): https://nt.ls/z9fQV
👉 Dork (tag, more results): tag.name:"checkpoint"
👉 Link (no tag): https://nt.ls/tnMCW
👉 Dork (no tag): http.favicon.hash_sha256:9a3a865d8911afcd95389ec701e5e8abcad69d928efd5b52b5d0bcc70a60d11a
Vendor's advisory: https://support.checkpoint.com/results/sk/sk182336
A vulnerability that has been on everyone's lips in recent days. Allows an unauthenticated attacker to gain access to sensitive information.
Search at Netlas.io:
👉 Link (tag, more results): https://nt.ls/z9fQV
👉 Dork (tag, more results): tag.name:"checkpoint"
👉 Link (no tag): https://nt.ls/tnMCW
👉 Dork (no tag): http.favicon.hash_sha256:9a3a865d8911afcd95389ec701e5e8abcad69d928efd5b52b5d0bcc70a60d11a
Vendor's advisory: https://support.checkpoint.com/results/sk/sk182336
👾6🔥3👍2
Netlas.io and RST Cloud collaboration 🤝
We trust you've observed the inclusion of threat intelligence data in the Netlas search with the release of version 0.24.0. This advancement was made achievable through our partnership with RST Cloud.
Today, we are pleased to unveil an official press release for those inclined to acquaint themselves with the full array of collaborative features.
👉🏻 Press release: https://www.linkedin.com/posts/netlas-io_netlas-and-rst-cloud-forge-alliance-to-enhance-activity-7204777141576581120-E1H3/
We trust you've observed the inclusion of threat intelligence data in the Netlas search with the release of version 0.24.0. This advancement was made achievable through our partnership with RST Cloud.
Today, we are pleased to unveil an official press release for those inclined to acquaint themselves with the full array of collaborative features.
👉🏻 Press release: https://www.linkedin.com/posts/netlas-io_netlas-and-rst-cloud-forge-alliance-to-enhance-activity-7204777141576581120-E1H3/
Linkedin
Netlas.io on LinkedIn: Netlas and RST Cloud Forge Alliance to Enhance Cyber Threat Intelligence…
Netlas and RST Cloud Forge Alliance to Enhance Cyber Threat Intelligence and Threat Hunting Capabilities
Netlas.io, a leading platform for internet-wide…
Netlas.io, a leading platform for internet-wide…
👾5👍3🔥3❤1
CVE-2024-34102 and others: Multiple vulns in Magento Open Source, 4.8 - 9.8 rating 🔥🔥🔥
New vulnerabilities in Magento (and Adobe Commerce) for every taste: arbitrary code execution, security feature bypass and privilege escalation!
Search at Netlas.io:
👉 Link: https://nt.ls/rxUR7
👉 Dork: tag.name:"magento"
Vendor's advisory: https://helpx.adobe.com/security/products/magento/apsb24-40.html
New vulnerabilities in Magento (and Adobe Commerce) for every taste: arbitrary code execution, security feature bypass and privilege escalation!
Search at Netlas.io:
👉 Link: https://nt.ls/rxUR7
👉 Dork: tag.name:"magento"
Vendor's advisory: https://helpx.adobe.com/security/products/magento/apsb24-40.html
🔥5👾4👍3
CVE-2024-37079, -37080, -37081: Multiple vulns in VMware vSphere and vCenter, 7.8 - 9.8 rating 🔥🔥🔥
RCE via heap overflow and local privilege escalation in several VMware products.
Search at Netlas.io:
👉 Link: https://nt.ls/hgQQd
👉 Dork: http.noscript:"ID_VC_Welcome" OR certificate.issuer.domain_component:"vsphere"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
RCE via heap overflow and local privilege escalation in several VMware products.
Search at Netlas.io:
👉 Link: https://nt.ls/hgQQd
👉 Dork: http.noscript:"ID_VC_Welcome" OR certificate.issuer.domain_component:"vsphere"
Vendor's advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453
👾5🔥4👍2
CVE-2024-28995: Path Traversal in SolarWind Serv-U, 8.6 rating 🔥
Vulnerability disclosed with a fresh hotfix. Successful exploitation allows the attacker to bypass security checks and get sensitive files. PoC is now available on GitHub!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/9vwgf
👉🏻 Dork: http.headers.server:"Serv U"
Vendor's advisory: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
Vulnerability disclosed with a fresh hotfix. Successful exploitation allows the attacker to bypass security checks and get sensitive files. PoC is now available on GitHub!
Search at Netlas.io:
👉🏻 Link: https://nt.ls/9vwgf
👉🏻 Dork: http.headers.server:"Serv U"
Vendor's advisory: https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28995
🔥5👾4❤2
CVE-2024-5655 and others: Multiple vulns in GitLab, 7.5 - 9.6 rating 🔥
New vulnerabilities in GitLab, as always, several at a time. Stored XSS, CSFT, access control issue.
Search at Netlas.io:
👉 Link: https://nt.ls/ZXnLZ
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef
Read more: https://www.bleepingcomputer.com/news/security/critical-gitlab-bug-lets-attackers-run-pipelines-as-any-user/
New vulnerabilities in GitLab, as always, several at a time. Stored XSS, CSFT, access control issue.
Search at Netlas.io:
👉 Link: https://nt.ls/ZXnLZ
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef
Read more: https://www.bleepingcomputer.com/news/security/critical-gitlab-bug-lets-attackers-run-pipelines-as-any-user/
🔥6👾4
CVE-2024-6387 (and probably CVE-2006-5051): Unauthenticated RCE in OpenSSH 🔥
The vulnerability, discovered by Qualys researchers, allows an attacker to perform RCE on any OpenSSH server, provided that the operating system contains the glibc library.
Versions 8.5p1 to 9.8p1 are affected, and versions <4.4p are also potentially vulnerable.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ySN3C
👉🏻 Dork: tag.openssh.version:(>=8.5 AND <9.8) OR tag.openssh.version:(<4.4)
Read more: https://www.qualys.com/regresshion-cve-2024-6387/
The vulnerability, discovered by Qualys researchers, allows an attacker to perform RCE on any OpenSSH server, provided that the operating system contains the glibc library.
Versions 8.5p1 to 9.8p1 are affected, and versions <4.4p are also potentially vulnerable.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/ySN3C
👉🏻 Dork: tag.openssh.version:(>=8.5 AND <9.8) OR tag.openssh.version:(<4.4)
Read more: https://www.qualys.com/regresshion-cve-2024-6387/
🔥3👾3👍2🤔2