modzerocatch a glimpse of us holding our annual “state of the zero” meetup - to wrap our heads around all of IT and us.
we also took a boat trip, ate too many sweets, touched some grass, saved the world, had a barbecue and a drink or two…💓
Our teammate Leonid had a look on Synology. He discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of organizations that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data such as all Teams channel messages. #synology #disclosure #modzero #infosec
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
THSWhen Backups Open Backdoors: We discovered a leaked credential that allowed anyone unauthorized access to all Microsoft tenants of organizations that use Synology's "Active Backup for Microsoft 365" (ABM), including sensitive data such as all Teams channel messages. #synology #disclosure #modzero #writeup
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
https://modzero.com/en/blog/when-backups-open-backdoors-synology-active-backup-m365/
We did it again 😅 https://support.hp.com/us-en/document/ish_11536495-11536533-16/hpsbpy03900 #poly #rce #modzero #CVE-2024-9579