Zsolt N.’s Post

Is there anyone aware of an attack where several vulnerabilities (say CVEs) in software dependencies (say app x contains 10 CVEs) have been compositionally (all or a subset of the CVEs) used for constructing the attack? The idea here is to motivate the visibility of how attackers can benefit from the vulnerabilities listed in a given SBOM corresponding to specific software. #SBOM #Vulnerabilities #compositionalAttack

Since 2005, #educationalinstitutions in the United States have experienced 3713 #databreaches, impacting over 37.6m records. 2023 marked a record year, with 954 breaches recorded, a dramatic rise from 139 in 2022 and 783 in 2021. This surge was primarily attributed to #MOVEit file transfer software vulnerabilities, affecting over 800 institutions.  The number of records compromised in 2023 soared to nearly 4.3m, compared to approximately 2.6m in both 2021 and 2022. Among these, 1.7m records were compromised in #thirdpartybreaches, and 1.9m were affected by 65 #ransomwareattacks. #Studentidentities are being compromised which should be a cause of concern for #parents! #Staysafe and be #protected with our #identityresttorationsolution. We do more than #monitor which others do! We don't tell you what to do! WE #DOIT

🔓Day 65 : Just pwned the "Intelligence" Out of HTB! 🤖 Boom! Just pwned the HTB retired machine Intelligence (Windows box) in 3.40 hours! 🕒🔍 🕷️Vulnerabilities Exploited: - Logic Flaws in Web Apps - Info Disclosure (CWE-200) - Kerberoasting (CVE-2014-1812) - Credential Dumping (CWE-522) - Privilege Escalation (CWE-732) 🔧 Tools Used: Nmap, dig, smbclient, wget, pdfinfo, crackmapexec, smbmap, dnstool.py, Responder, john, smbclient, Impacket suite, gMSADumper and own script.py That's 31 HTB machines down, 20 from Tj Null's list! Who's counting? (I am. 🏅) #CyberSecurity #HackTheBox #Networking #Privesc #tech #PenTesting #InfoSec

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks. Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday. http://ow.ly/mysl105q50j #InceptusSecure #UnderOurProtection

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks. Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday. http://ow.ly/mysl105q50j #InceptusSecure #UnderOurProtection

In my last red team project, I encountered something interesting. We were facing a Multi-Factor Authentication (MFA) system that protected services like Remote Desktop (RDP), Active Directory Federation Services (ADFS) and Exchange Service. Initially, it appeared incredibly secure, and we couldn't move laterally within network. However, we eventually discovered several vulnerabilities in this product, including one that allowed us to expose the QR code for setting up Time-Based One-Time Passwords (TOTP) for any user. When securing resources, it is recommended to adhere to the concept of defense in depth. This approach ensures that if one layer of protection fails or contains a bug, other layers are in place to safeguard the resources.   #DefenceInDepth #RedTeam #PenetrationTesting #MFA #LateralMovement

💡 𝗧𝗲𝗰𝗵 𝗧𝗶𝗽 𝗧𝘂𝗲𝘀𝗱𝗮𝘆💡 𝗗𝗶𝗱 𝘆𝗼𝘂 𝗸𝗻𝗼𝘄? Regular software updates are key to keeping your devices secure and running smoothly! 🔐💻 Whether it's your phone or PC, staying up-to-date with the latest patches helps protect against vulnerabilities and boosts performance. So, take a moment today to check for updates, and keep your tech in top shape! 🚀 #ProntoCS #ProntoComputerSolutions #PCS #TechTipTuesday #TechSavvy #StaySecure #UpgradeYourTech

✒️Think of 𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 as a game of 𝘄𝗵𝗮𝗰𝗸-𝗮-𝗺𝗼𝗹𝗲; each 𝘃𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 you patch might close one door, but you’re only one 𝘇𝗲𝗿𝗼-𝗱𝗮𝘆 exploit away from a different mole popping up at the back—don’t get too comfortable because the 𝗴𝗮𝗺𝗲 𝗻𝗲𝘃𝗲𝗿 𝗲𝗻𝗱𝘀😆 𝗛𝗮𝗽𝗽𝘆 𝗪𝗲𝗲𝗸𝗲𝗻𝗱 ! #ApplicationSecurity #CodeSecurity #ZeroDayExploit #VulnerabilityManagement #SecurityByDesign #WhackAMoleSecurity

So many people download new software or apps and never end up using them! The problem is, the apps still contain the personal information and passwords you used, which puts you at risk if you’re not updating the software and patching the vulnerabilities. 👉 Regularly review software and applications to remove any that you don’t use. #quicktechtip #techsolutions #lifehack #businesstip #ReliableTechnologySolutions #DallasIT #FTWorthIT

So many people download new software or apps and never end up using them! The problem is, the apps still contain the personal information and passwords you used, which puts you at risk if you’re not updating the software and patching the vulnerabilities. 👉 Regularly review software and applications to remove any that you don’t use. #quicktechtip #techsolutions #lifehack #businesstip #Windstar #VirginiaIT