RIP my friend and colleague Torgeir Natvig (https://github.com/togge). A bright, smart and lovely guy who has been taken away far, far, too soon. ❤️
Tor Houghton
- 11 Followers
- 54 Following
- 33 Posts
@GossiTheDog I refreshed my VR last year but I’ve had zero time to get back into the black. hopefully xmas will give me some time. o7
@lcamtuf no but some creep can watch you do it? 😬
@kevinthomas 👍 would be excellent if the “space management infrastructure” of this venue could be used to regain some of the intimacy that’s been lost over the years with such incredible growth in attendance numbers(!); i’m also leaning heavily towards this being a positive rather than something negative.
@GossiTheDog I’ve seen requests for one particular (the same one during the whole period) path since October 2020; roughly a thousand requests, and 99% from .ru addresses. Odd thing, no probes to my server between July 2022-July 2023. Perhaps the group by then were too busy using their accesses elsewhere so no need to scan?
@GossiTheDog btw, s/the device is be Azure/the device to be Azure/
Advisory: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability
mnemonic is currently involved in an incident response engagement where we have observed an attack using a zero day authentication bypass vulnerability. If exploited, the vulnerability can provide an unauthorised, remote actor access to users’ personally identifiable information, as well as limited changes to the server.
@GossiTheDog also https://msandbu.org/ivanti-mobileiron-cve-2023-35078-an-urgent-call-for-update/ of which I was just made aware
@GossiTheDog 12 government departments in Norway were hit by this and are doing IR. Press conf. yesterday didn’t confirm it, but the information was later updated. (https://nsm.no/aktuelt/nulldagssarbarhet-i-ivanti-endpoint-manager-mobileiron-core)
Nulldagssårbarhet i Ivanti Endpoint Manager (MobileIron Core) - Nasjonal sikkerhetsmyndighet
På pressemøtet mandag 24. juli 2023 informerte Nasjonal sikkerhetsmyndighet og Departementenes sikkerhets- og serviceorganisasjon (DSS) om at det var en nulldagssårbarhet som ble benyttet til å utføre dataangrepet mot Departementenes sikkerhets- og serviceorganisasjon (DSS).