Full analysis of Ivanti Connect Secure CVE-2025-22457 via @stephenfewer — full RCE, exploitation non-trivial (at least as it stands now).
We should all be assuming that for any popular or high-profile technology, particularly network edge devices, adversaries have piles of software they're actively reverse engineering and developing complex exploit chains for, regardless of whether vulnerabilities are disclosed publicly as security issues or not. TAs are putting time, resources, and focus into learning the internals of *many* of these systems. If the technology industry broadly — and we ALL live in glass houses here — can't match that investment with expertise and evolution, I'm not sure we can expect the current attack landscape to improve.
https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis