Victor Gevers
Hacker. 5,729 Responsible Disclosures / Coordinated Vulnerability Disclosures. Researcher at . Chair of
9,853 Tweets
782 Following
44,245 Followers
Tweets
Victor Gevers 12 h
Replying to @coderholic @vvandaal and 3 others
That would be great. It's for non-profit research and incident management done by volunteers.
Victor Gevers 23 h
Replying to @p1nt1nh0 @Plazmaz
lolcat all the things :-)
Victor Gevers 23 h
Replying to @Plazmaz
Victor Gevers 24 h
Replying to @DIVDnl
In the last 9 days, we have reported over 7K Windows Remote Desktop Gateways with a BlueGate (CVE-2020-0609 & CVE-2020-0610) vulnerability. Most of them installed the update (and rebooted their server). But there are still 8,766 vulnerable Windows Remote Desktop Gateways online.
Victor Gevers Feb 2
Replying to @j_opdenakker
select sqlite_version();
Victor Gevers Feb 2
Replying to @github
Hey. This also includes gists and Github issues? Is there a limit on the number of issues per repo/account? I was thinking about importing all data leaks and identified security issues into a global ticketing system. How do I make that work? Thanks :-)
Victor Gevers Feb 2
Replying to @hackerfantastic
That 0x8000fff handshake on UDP/3391 from the Netherlands was not me. :-)
Victor Gevers Feb 2
Replying to @freedomhouse @Sarah_G_Cook
Globally, hundreds of millions are consuming information directly produced by Chinese state media—sometimes without knowing it, says ’s . Social media and multi-purpose messaging apps are being monitored, and controlled.
Victor Gevers retweeted
Simon Weckert Feb 1
99 smartphones are transported in a handcart to generate virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route!
Victor Gevers Feb 2
Replying to @MasterHawkx1 @campuscodi @JohnCena
But that is not a phonebook. That is a lead database containing PII which is valuable for phishing... There are also a dozen 's in there. And none of them is the real deal. :-)
Victor Gevers Feb 2
Replying to @mndell @okoeroo and 2 others
Yes, something like that. For Citrix and RDP, it took 500k on lookups since December. It depends on how many vulnerabilities require immediate attention and which ones we already identified a few months ago but could not identify the owner.
Victor Gevers Feb 2
Replying to @okoeroo @DIVDnl @GDI_FDN
Yes. To add "context" to a host. Sometimes less information is better and sometimes it helps to have a broader view. Details also help prioritize with cherrypicking through the bigger piles.
Victor Gevers Feb 1
Replying to @vvandaal @DIVDnl @GDI_FDN
Yes, please :-)
Victor Gevers Feb 1
Replying to @vvandaal @DIVDnl @GDI_FDN
Yes. That would be close to it. It'd be helpful to get the ISP name and its abuse address. But having a bit more background information helps plotting issues a bit better like how does it. The geolocation can be 200 kilometers off compared with whois.
Victor Gevers Feb 1
I am looking for a service which can offer IP address data (for free) which will help us ( and ) to reach out to the owners of vulnerable online systems. If you know (someone at) a company which can help us with this then please put in a good word for us. 🙏
Victor Gevers Feb 1
Replying to @Ionut_Ilascu @USCERT_gov
"We checked the Netscaler logs and found no evidence of successful exploitation of the vulnerability. Why are you suggesting to redeploy it with new credentials and new certificates?" This is the /etc/password file of your server. Did you not see this in your log files? RCE =☠️
Victor Gevers Feb 1
Replying to @4ernst @mndell @ChrisvanDamCDA
If you take your car to the garage and they tell you that the tread on your tires is dangerously low, do you keep driving or do you follow the advice? The AIVD advised the national government, the police and all 'vital organisations' to switch off Citrix software immediately.
Victor Gevers Feb 1
Replying to @4ernst @mndell @ChrisvanDamCDA
If it was feasible to put something in between and/or to do IP whitelisting, then certainly. That was quite often possible too. But for the latter (after the /) it is slightly different. It used to sit behind a VPN. And soon it will go back behind a VPN to avoid the same stone.
Victor Gevers Feb 1
Replying to @4ernst @mndell @ChrisvanDamCDA
The point is not that the exploit became public in January. This simple path traversal weakness was already being shared within certain groups in December. Patching in January at the latest was already too late by then. Remote desktop services belong behind a VPN. Full stop.
Victor Gevers Feb 1
Replying to @mndell
Because organisations are not going to shout from the rooftops that they had the problem.