Patrick Webster

Security Consultant https://www.osi.security
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.

Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684…

DoublePulsar

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group.

https://www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/

TeamViewer's corporate network was breached in alleged APT hack

BleepingComputer

According to Der Spiegel, the new aid package from #Germany 🇩🇪 to #Ukraine 🇺🇦 will include:

- 2 Patriot SAM launchers.
- 40 BMP Marder 1A3.
- 25 MBT Leopard 1A5.
- 5 BREM Bergepanzer 2.
- 20 thousand 155-mm shells.
- 5 thousand 155-mm smoke shells.

@NoRezervationz @MissingThePt I only use Twitter to see the dumb sh*t Elon has done today. Just as I did for Trump! In fact, there is even a song about it: https://youtu.be/TsKDO-r5STc
🇺🇸 WHAT'S DONALD GONNA DO TODAY⁉️ Kevin Bloody Wilson 🇦🇺 😝

YouTube

@christianselig This might seem like a silly question, but why don't you swap the Apollo backend to use Lemmy instead? Same for RIF etc. People enjoy the UI clients and the backend website itself isn't of much consequence. Update the app and the users will follow. #redditMigration #reddit #redditblackout #redditboycott

@lcamtuf @riskybusiness @hdm Ah yeah it's not so much about hosting (or even maintenance) but ownership. Definitely should be updated and the payload strings are from msf: yet even today you'll find the strings get through many layers of active IPS devices and software solutions which shouldn't happen. Some vendors now have prearranged Blocklist URLs, which are minimum inspection confirmed rejections but it's platform specific. The concept and tests seem like something which should be better defined and openly held in the long term.

@riskybusiness @hdm also @lcamtuf love your work over many decades, so if you have a suggestion for a final open source home for wicar.org that would be appreciated

@riskybusiness @hdm I thought it should join with eicar but even that concept seems website dated, old and no response when offered long ago...

In terms of IDS/IPS defence testing it is still perfectly valid. I'm always surprised how often a bleeding edge vendor IPS will let horrible strings be delivered to desktops in corporate environments with major expenditure through a dozen filters! Sigh

@riskybusiness @hdm most of it is on GitHub and over a decade later it is still heavily trafficked (despite being rarely maintained & browser blacklisted which interrupt hits without user interaction).
@riskybusiness @hdm any thoughts on what to do with https://wicar.org/ ? Was meant to be a minor project to pre-design payload strings to test vendor defences when travelling. Surprisingly (poor) vendor results in many cases.
WICAR.org - Test Your Anti-Malware Solution!

The wicar.org website was designed to test the correct operation of your anti-virus / anti-malware software. The name "WICAR" is derived from the industry standard EICAR anti-virus test file,...