That JWT "vulnerability"?

Nope 🙅

Exploiting this requires a deserialization bug in an app using the library, or for an attacker to be able to control the code directly (at which point they have RCE already).

Not CVSS 7.6, by any means: it requires an app to be dangerously deserializing untrusted input into a field for security token validation! Most apps hardcode a string.

This is CVSS 0.

This bug is not a vulnerability.

#JWT #CVE_2022_23529 #CVE #JavaScript #PaloAltoUnit42

Cobalt Strike Analysis and Tutorial: Identifying Beacon Team Servers in the Wild.

https://unit42.paloaltonetworks.com/cobalt-strike-team-server/

#cobaltstrike #paloaltounit42

We present new techniques that leverage active probing and network fingerprint technology to help you detect Cobalt Strike’s Team Servers.

Unit 42

Hoaxcalls Botnet Exploits Symantec Secure Web Gateways - The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the ... more: https://threatpost.com/hoaxcalls-botnet-symantec-secure-web-gateways/155806/

#symantecsecurewebgateway #vulnerabilities #paloaltounit42 #vulnerability #websecurity #end-of-life #propagation #hoaxcalls #unpatched #malware #exploit #botnet #mirai
The fast-moving botnet has added an exploit for an unpatched bug in an unsupported version of the security gateway.

Threatpost - English - Global - threatpost.com