Mastodawn

Patrick Webster Jan 16, 2025

Kevin Beaumont Jan 16, 2025

1.30am bloggo I wrote

Everything I know about the Fortigate config dump situation

https://doublepulsar.com/2022-zero-day-was-used-to-raid-fortigate-firewall-configs-somebody-just-released-them-a7a74e0b0c7f

2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.

Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684…

DoublePulsar

Patrick Webster Jun 28, 2024

BleepingComputer Jun 27, 2024

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group.

https://www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/

TeamViewer's corporate network was breached in alleged APT hack

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group.

BleepingComputer

Patrick Webster Jul 11, 2023

MAKS 25 👀🇺🇦Jul 11, 2023

According to Der Spiegel, the new aid package from #Germany 🇩🇪 to #Ukraine 🇺🇦 will include:

- 2 Patriot SAM launchers.
- 40 BMP Marder 1A3.
- 25 MBT Leopard 1A5.
- 5 BREM Bergepanzer 2.
- 20 thousand 155-mm shells.
- 5 thousand 155-mm smoke shells.

Patrick Webster Jun 22, 2023

@christianselig This might seem like a silly question, but why don't you swap the Apollo backend to use Lemmy instead? Same for RIF etc. People enjoy the UI clients and the backend website itself isn't of much consequence. Update the app and the users will follow. #redditMigration #reddit #redditblackout #redditboycott

Show thread

Patrick Webster Jan 26, 2023

@riskybusiness @hdm also @lcamtuf love your work over many decades, so if you have a suggestion for a final open source home for wicar.org that would be appreciated

Show thread

Patrick Webster Jan 26, 2023

@riskybusiness @hdm I thought it should join with eicar but even that concept seems website dated, old and no response when offered long ago...

In terms of IDS/IPS defence testing it is still perfectly valid. I'm always surprised how often a bleeding edge vendor IPS will let horrible strings be delivered to desktops in corporate environments with major expenditure through a dozen filters! Sigh

Show thread

Patrick Webster Jan 26, 2023

@riskybusiness @hdm most of it is on GitHub and over a decade later it is still heavily trafficked (despite being rarely maintained & browser blacklisted which interrupt hits without user interaction).

Patrick Webster Jan 26, 2023

@riskybusiness @hdm any thoughts on what to do with https://wicar.org/ ? Was meant to be a minor project to pre-design payload strings to test vendor defences when travelling. Surprisingly (poor) vendor results in many cases.

WICAR.org - Test Your Anti-Malware Solution!

The wicar.org website was designed to test the correct operation your anti-virus / anti-malware software. The name " WICAR " is derived from the industry standard EICAR anti-virus test file ,...

WICAR.org - Test Your Anti-Malware Solution!

Patrick Webster Dec 18, 2022

Patrick Gray Dec 18, 2022

Mastodon servers all glowing red today from new signups… on many levels it’s a tragedy but I’d be lying if I said I didn’t also find this absolutely hilarious

Patrick Webster Dec 16, 2022