CVE-2022-2780

In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack...

Cross site request forgery (csrf)

In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack...

CVE-2022-2780

CVE-2022-2780 affects Octopus Server. The issue arises when using the Git Connectivity test function on the VCS project, which can initiate an SMB request and potentially enable an NTLM relay attack. Connected sources confirm the vulnerability and its impact, but do not uniformly provide concrete...

PT-2022-18595 · Unknown · Octopus Server

Name of the Vulnerable Software and Affected Versions: Octopus Server affected versions not specified Description: The issue allows an attacker to use the Git Connectivity test function on the VCS project to initiate an SMB request, potentially leading to an NTLM relay attack. Recommendations: At...

CVE-2022-2780

In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack...

Relay Attack against Teslas

Nice work: Radio relay attacks are technically complicated to execute, but conceptually easy to understand: attackers simply extend the range of your existing key using what is essentially a high-tech walkie-talkie. One thief stands near you while youre in the grocery store, intercepting your key...

DFSCoerce, a new NTLM relay attack, can take control over a Windows domain

A researcher has published a Proof-of-Concept PoC for an NTLM relay attack dubbed DFSCoerce. The method leverages the Distributed File System: Namespace Management Protocol MS-DFSNM to seize control of a Windows domain. Active Directory A directory service is a hierarchical arrangement of objects...

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System DFS: Namespace Management Protocol MS-DFSNM to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...

A week in security (May 16 – 22)

Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sites How COVID-19 fuelled a surge in malware Why MRG-Effitas matters to SMBs “Look what I found here” phish targets Facebook users AirTag stalking: What is it, and how can I avoid it? Long lost @ symbol get...

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy BLE, a wireless technology...

Input validation

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program or theft of NTLM credentials via an SMB relay attack,...

CVE-2022-29281

Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program or theft of NTLM credentials via an SMB relay attack,...

CVE-2022-24853

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result ...

Input validation

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result ...

CVE-2022-24853

CVE-2022-24853 affects Metabase (GeoJSON support via a URL-loading proxy). The issue arises from a proxy that loads arbitrary URLs for JSON maps; while validation prevents returning arbitrary URL contents, a crafted request can trigger file access on Windows, enabling an NTLM relay attack and pot...

CVE-2022-24853 File system exposure in Metabase

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result ...

CVE-2022-24853 File system exposure in Metabase

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result ...

CVE-2022-24853 File system exposure in Metabase

Metabase is an open source business intelligence and analytics application. Metabase has a proxy to load arbitrary URLs for JSON maps as part of our GeoJSON support. While we do validation to not return contents of arbitrary URLs, there is a case where a particularly crafted request could result ...

PT-2022-09: Insufficient validation of file paths and Path Traversal in Veeam Backup & Replication

The vulnerability was identified in Veeam Backup & Replication versions 9.5, 10, 11. The discovered vulnerability allows an attaker to perform an NTLM-relay attack on behalf of the account under which the service is running, uploading arbitrary files from arbitrary paths to the VBR server,...

Microsoft Windows SMB Direct Session Takeover Exploit

This Metasploit module will intercept direct SMB authentication requests to another host, gaining access to an authenticated SMB session if successful. If the connecting user is an administrator and network logins are allowed to the target machine, this module will execute an arbitrary payload. T...