GNU social JP
GNU social JP is a GNU social server in Japan.
Conversation
    Full Rapid7 analysis of #Cleo CVE-2024-55956 now available c/o @stephenfewer. It's neither a patch bypass of CVE-2024-50623 nor part of a chain after all — totally new bug, different exploitation strategies across the two issues (though the same endpoint gets used either way).

    I'm not sure it's been mentioned much yet that Cleo evidently released IOCs related to CVE-2024-50623 in October 2024, implying the older bug's been exploited for a minute. Would sure be helpful to know more about who was doing that exploiting, particularly now that Cl0p has claimed credit for last week's attack.

    https://attackerkb.com/topics/geR0H8dgrE/cve-2024-55956/rapid7-analysis

    • Kevin Beaumont repeated this.
    • Lawrence Abrams (lawrenceabrams@infosec.exchange), status posted Tuesday, 17-Dec-2024 07:52:57 JST, in reply to the notice above:

      @catc0n Clop claimed to be behind both the October and more recent exploitation.

GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.