6 matches found
Empowering employees to securely work from anywhere with an internet-first model and Zero Trust
Like many this year, our Microsoft workforce had to quickly transition to a work-from-home model in response to COVID-19. While nobody could have predicted the world’s current state, it has provided a very real-world test of the investments we have made implementing a Zero Trust security mode...
Shopify: Ability to potentially hit internal NGINX locations on *.myshopify.com by making use of the `X-Accel-Redirect` header via a configured App Proxy
By making use of the Shopify App Proxy and the X-Accel feature of NGINX, it is possible to hit any configured internal NGINX location as your current configuration is not ignoring the X-Accel-Redirect header response from an upstream service. The way it works is that NGINX allows internal...
Shopify: Path Traversal in App Proxy
Hi, I found app proxy is vulnerable to path traversal, the attacker scenario is from anonymous user to OAuth app owner. Description: In app proxy function, it is possible proxy request to Shopify custom domain request to OAuth app store defined host, and because Shopify didn't escape the ../, it...
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
#!/usr/bin/python Title: Untangle NGFW "...
Untangle NGFW 12.1.0 Beta - execEvil() Command Injection
Untangle NGFW 12.1.0 Beta - execEvil Command Injection #!/usr/bin/python Title: Untangle NGFW = v12.1.0 beta execEvil authenticated root CI exploit CVE: Not yet assigned Discovery: Matt Bush @3xocyte Exploit: Matt Bush Contact: [email protected] Disclosure Timeline: 22/4/2016 Attempted t...
Untangle NGFW 12.1.0 Beta execEvil() Command Injection
#!/usr/bin/python Title: Untangle NGFW " print "! and in a separat...