Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/111585641542033830">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 18-Jan-2024 01:22:59 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/111580999821229662" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p>A bit more on the CVE-2023-50164 hype train - Akamai are seeing same as myself and <a href="https://infosec.exchange/@shadowserver">@shadowserver</a> - </p><p><a href="https://www.akamai.com/blog/security-research/apache-struts-cve-exploitation-attempts" rel="nofollow noreferrer">https://www.akamai.com/blog/security-research/apache-struts-cve-exploitation-attempts</a></p><p>Rather bafflingly I keep seeing people at security resellers trying to claim this is evidence of "nation state zero days".</p><p>To be super clear about this one, the request below is for a specific Tomcat webapp called 'upload' - the webapp has exactly one function, upload, which is set up to be exploitable by this CVE.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2601140#notice-5151855">In conversation</a><time datetime="2024-01-18T01:22:59+09:00" title="Thursday, 18-Jan-2024 01:22:59 JST">about a year ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/111585641542033830" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/111585641542033830">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2126444">Untitled attachment</a></label><br><a href="https://cyberplace.social/system/media_attachments/files/111/585/631/735/499/700/original/8765b1a7194905ab.png" rel="external">https://cyberplace.social/system/media_attachments/files/111/585/631/735/499/700/original/8765b1a7194905ab.png</a></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/2126451">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Thursday, 18-Jan-2024 01:22:59 JSTKevin Beaumont
in reply to
- The Shadowserver Foundation
A bit more on the CVE-2023-50164 hype train - Akamai are seeing same as myself and @shadowserver -
https://www.akamai.com/blog/security-research/apache-struts-cve-exploitation-attempts
Rather bafflingly I keep seeing people at security resellers trying to claim this is evidence of "nation state zero days".
To be super clear about this one, the request below is for a specific Tomcat webapp called 'upload' - the webapp has exactly one function, upload, which is set up to be exploitable by this CVE.
In conversationabout a year ago from cyberplace.socialpermalink
Attachments
1. Untitled attachment
  https://cyberplace.social/system/media_attachments/files/111/585/631/735/499/700/original/8765b1a7194905ab.png
2. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice