GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Caitlin Condon (catc0n@infosec.exchange)'s status on Thursday, 20-Mar-2025 08:16:56 JST Caitlin Condon Caitlin Condon
    • Ryan Emmons

    Okay, so Tomcat's a bust, but this sucker (CVE-2025-23120) could get interesting if the technical reality matches the advisory severity.

    It still throws me how many incidents Rapid7 MDR sees that include abuse of Veeam Backup & Replication in some manner — the deployment footprint of this product is always surprising to me, maybe because it's not usually internet-exposed, dunno. Anywho, domain-joined backup servers might be "against best practices," but that doesn't mean it's uncommon 🤷♀️ Thx to @fuzz for being on top of it as usual!

    https://www.rapid7.com/blog/post/2025/03/19/etr-critical-veeam-backup-and-replication-cve-2025-23120/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: blog.rapid7.com
      Critical Veeam Backup & Replication CVE-2025-23120 | Rapid7 Blog

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.