Red Team
Understanding Advanced Persistent Threats
What are Advanced Persistent Threats (APTs)? Advanced persistent threats (APTs) are a type of cyber attack that poses a serious threat to organizations and individuals alike. In this article, we will delve into ...
Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting
Introduction: There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-20273. Information about this vulnerability was first published by Cisco on October 16th, […] The ...
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)
Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If ...
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs
Introduction: This report is a follow-up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). […] The ...
Cisco IOS XE Web UI Vulnerability: A Glimpse into CVE-2023-20198
Overview: On Monday, 16 October, Cisco reported a critical zero-day vulnerability in the web UI feature of its IOS XE software actively being exploited by threat actors to install Remote […] The ...
SCCM Hierarchy Takeover
One Site to Rule Them All. tl;dr: There is no security boundary between sites in the same hierarchy. When an administrative user is granted a security role in SCCM, such as Full Administrator or Infrastructure Administrator, ...
Reactive Progress and Tradecraft Innovation
Detection as Prediction: The overarching goal of a security operations program is to prevent or mitigate the impact of an attacker gaining unauthorized access to an IT environment. In service of this mission, ...
Leveraging Wargaming Principles for Cyberdefense Exercises
Wargames are an excellent way to ensure your cyberdefense plans are solid and your processes are current ...
Security Boulevard
Apache Superset Part II: RCE, Credential Harvesting and More
Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized ...
SaaS Attacks: Compromising an Organization without Touching the Network
Tom Eston
In this episode, Luke Jennings, VP of Research & Development from Push Security, joins us to discuss SaaS attacks and how it's possible to compromise an organization without touching a single endpoint ...