Notices by raptor :C_H: (raptor@infosec.exchange)

Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Thursday, 18-Sep-2025 03:33:12 JST raptor :C_H:
in reply to
- Kevin Beaumont
- James Forshaw :donor:
@GossiTheDog @tiraniddo Dirk-jan is a friend and a fantastic hacker, but I don’t think he was the original discoverer of ZeroLogon https://dirkjanm.io/a-different-way-of-abusing-zerologon/
In conversation about 8 months ago from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: dirkjanm.io
  
  A different way of abusing Zerologon (CVE-2020-1472)
  
  In August 2020, Microsoft patched CVE-2020-1472 aka Zerologon. This is in my opinion one of the most critical Active Directory vulnerabilities of the past few years, since it allows for instant escalation to Domain Admin without credentials. The most straightforward way to exploit this involves changing the password of a Domain Controller computer account. This is a risky move and could potentially break things in the environment. In this blog we explore a new way to exploit this vulnerability, which though it has a few more prerequisites, is safer to use for security professionals assessing network security. We’ll also dive a bit more into the authentication protocols in Active Directory and how they can be tied in with the Zerologon vulnerability. While this is a different way of exploiting the vulnerability, it does not bypass the mitigations released, so if you have already installed the August 2020 patches, you are also protected from this attack.
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Sunday, 25-May-2025 21:03:35 JST raptor :C_H:

“Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate attackers to cause a denial of service (device malfunction and system crash) via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. A reported product is Seagate STDT4000100 763649053447.”
https://nvd.nist.gov/vuln/detail/CVE-2022-38392

In conversation about a year ago from infosec.exchange permalink
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Thursday, 27-Feb-2025 00:33:47 JST raptor :C_H:

rotfl https://hackerone.com/reports/2293343
In conversation about a year ago from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: profile-photos.hackerone-user-content.com
  
  GitLab disclosed on HackerOne: Account Takeover via Password Reset...
  
  @asterion04 submitted a report to GitLab. Summary I found a way to change the password of a GitLab account via the password reset form and successfully retrieve the final reset link without user interactions, using just its email address. Steps to reproduce Go to "Forgot Your Password?" link Enter the victim's email and intercept the submit request via Burp Suite . Then right-click on the...
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Friday, 06-Dec-2024 23:55:39 JST raptor :C_H:
- Synacktiv
Automated #Network #Security with #Rust: Detecting and Blocking Port Scanners by @synacktiv
https://www.synacktiv.com/en/publications/automated-network-security-with-rust-detecting-and-blocking-port-scanners
In conversation Friday, 06-Dec-2024 23:55:39 JST from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.synacktiv.com
  
  Automated Network Security with Rust: Detecting and Blocking Port Scanners
  
  from @Synacktiv
  
  Introduction In today’s digital age, protecting networks from malicious activities is crucial.
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Friday, 02-Feb-2024 02:32:29 JST raptor :C_H:
in reply to
- Matthew Green
- Ryan Castellucci (they/them) :nonbinary_flag:
@ryanc @matthew_d_green awesome, thanks for sharing this!

In conversation Friday, 02-Feb-2024 02:32:29 JST from infosec.exchange permalink
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Thursday, 11-Jan-2024 15:09:27 JST raptor :C_H:

NPM registry prank leaves developers unable to unpublish packages
On Dec. 29, a package titled “everything” was published to the registry, which is designed to install all other public packages in the registry. This created a registry-wide web of dependencies that effectively disabled the ability to unpublish packages on the site, as packages that other packages are dependent on cannot be unpublished. 🤣🤣🤣
https://www.scmagazine.com/news/npm-registry-prank-leaves-developers-unable-to-unpublish-packages

In conversation Thursday, 11-Jan-2024 15:09:27 JST from infosec.exchange permalink
Embed this notice
raptor :C_H: (raptor@infosec.exchange)'s status on Wednesday, 23-Nov-2022 15:11:30 JST raptor :C_H:

The "#Vulnerabilities 1001: C-Family Software Implementation Vulnerabilities" free course by #OpenSecurityTraining2 is awesome and very recommended to all developers and beginner code auditors.
https://ost2.fyi/Vulns1001
Also, make sure to check out all the other high-quality, free #OST2 training courses.
In conversation Wednesday, 23-Nov-2022 15:11:30 JST from infosec.exchange permalink
Attachments
1. Example Vulns1001 course slide
  https://media.infosec.exchange/infosecmedia/media_attachments/files/109/389/703/520/078/015/original/4e64bc97508a897b.jpeg
2. Untitled attachment

Public

Notices by raptor :C_H: (raptor@infosec.exchange)

User actions

Following 0

Followers 0

Groups 0

Statistics

Feeds