Tweets

Victor Gevers
@0xDUDE
12 h
That would be great. It's for non-profit research and incident management done by volunteers.
bleepingcomputer.com/news/security/…

Victor Gevers
@0xDUDE
23 h
lolcat all the things :-) pic.twitter.com/55gbS8uoMB

Victor Gevers
@0xDUDE
24 h
In the last 9 days, we have reported over 7K Windows Remote Desktop Gateways with a BlueGate (CVE-2020-0609 & CVE-2020-0610) vulnerability.
Most of them installed the update (and rebooted their server). But there are still 8,766 vulnerable Windows Remote Desktop Gateways online. pic.twitter.com/EiEArGfPC7

Victor Gevers
@0xDUDE
Feb 2
select sqlite_version();

Victor Gevers
@0xDUDE
Feb 2
Hey. This also includes gists and GitHub issues? Is there a limit on the number of issues per repo/account? I was thinking about importing all data leaks and identified security issues into a global ticketing system. How do I make that work? Thanks :-)

Victor Gevers
@0xDUDE
Feb 2
That 0x8000fff handshake on UDP/3391 from the Netherlands was not me. :-)

Victor Gevers
@0xDUDE
Feb 2
Globally, hundreds of millions are consuming information directly produced by Chinese state media—sometimes without knowing it, says @freedomhouse’s @Sarah_G_Cook.
twitter.com/JanJekielek/st…
Social media and multi-purpose messaging apps are being monitored, and controlled.

Victor Gevers retweeted
Simon Weckert
@simon_deliver
Feb 1
99 smartphones are transported in a handcart to generate a virtual traffic jam in Google Maps. Through this activity, it is possible to turn a green street red which has an impact in the physical world by navigating cars on another route! #googlemapshacks simonweckert.com/googlemapshack… pic.twitter.com/6KcMm1XgAF

Victor Gevers
@0xDUDE
Feb 2
But that is not a phonebook. That is a lead database containing PII which is valuable for phishing...
There are also a dozen @JohnCena's in there. And none of them is the real deal. :-)

Victor Gevers
@0xDUDE
Feb 2
Yes, something like that. For Citrix and RDP, it took 500k on lookups since December. It depends on how many vulnerabilities require immediate attention and which ones we already identified a few months ago but could not identify the owner.

Victor Gevers
@0xDUDE
Feb 2
Yes. To add "context" to a host. Sometimes less information is better and sometimes it helps to have a broader view. Details also help prioritize with cherry-picking through the bigger piles. pic.twitter.com/gqhI1j64u1

Victor Gevers
@0xDUDE
Feb 1
Yes, please :-)

Victor Gevers
@0xDUDE
Feb 1
Yes. That would be close to it. It'd be helpful to get the ISP name and its abuse address. But having a bit more background information helps plotting issues a bit better like how ipinfo.io does it. The geolocation can be 200 kilometers off compared with whois.

Victor Gevers
@0xDUDE
Feb 1
I am looking for a service which can offer IP address data (for free) which will help us (@DIVDnl and @GDI_FDN) to reach out to the owners of vulnerable online systems. If you know (someone at) a company which can help us with this, then please put in a good word for us. 🙏 pic.twitter.com/VNj4cll3hm

Victor Gevers
@0xDUDE
Feb 1
"We checked the Netscaler logs and found no evidence of successful exploitation of the vulnerability. Why are you suggesting to redeploy it with new credentials and new certificates?"
This is the /etc/password file of your server. Did you not see this in your log files? RCE = ☠️ pic.twitter.com/yDJfhXfyLL

Victor Gevers
@0xDUDE
Feb 1
If you take your car to the garage and they tell you that the tread on your tires is dangerously low, do you keep driving or do you follow the advice?
The AIVD advised the national government, the police and all 'vital organisations' to switch off Citrix software immediately.

Victor Gevers
@0xDUDE
Feb 1
If it was feasible to put something in between and/or to do IP whitelisting, then certainly. That was possible quite often too. But for the latter (after the /) it is slightly different. It used to sit behind a VPN. And soon it will go back behind a VPN to avoid stumbling over the same stone.

Victor Gevers
@0xDUDE
Feb 1
The point is not that the exploit became public in January. This simple path traversal weakness was already being shared within certain groups in December. Patching in January at the latest was by then already too late. Remote desktop services belong behind a VPN. Full stop. pic.twitter.com/maDYtsHNLW

Victor Gevers
@0xDUDE
Feb 1
Because organisations are not going to shout from the rooftops that they had the problem.
us-cert.gov/ncas/alerts/aa…