6 matches found
Alibaba Cloud Linux 3 : 0038: grafana (ALINUX3-SA-2024:0038)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0038 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-3128: Grafana is validating Azure AD...
Symantec Messaging Gateway 10 Exposure Of Stored AD Password
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest' require "openssl" class MetasploitModule 'Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability', 'Description' = %q This module wi...
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors since November 2022. "The threat actors behind the campaign are targeting Facebook business accounts by using...
Reddit: Email Verification Bypass And Get access to user's private invitation.
Part 2 of my previous report : https://hackerone.com/reports/1225499 I am sending this report again because you closed my previous report. i posed new impact of this vulnerability in my previous report but i didn't get any reply. So i reported it again. First Vulnerability : Email verification...
Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability
This module will grab the AD account saved in Symantec Messaging Gateway and then decipher it using the disclosed Symantec PBE key. Note that authentication is required in order to successfully grab the LDAP credentials, and you need at least a read account. Version 10.6.0-7 and earlier are...
PowerShell Incident Response: Psrecon
Psrecon is an open source script that you can use to gather data from a remote Windows host using PowerShell v2 or later, organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushe...