ya--madaのブックマーク - はてなブックマーク

YetiHunter: Open-source threat hunting tool for Snowflake environments - Help Net Security

ya--mada 2024/06/15

snowflake自体の認証ログをSQLライクに参照出来るんですね。 https://community.snowflake.com/s/article/How-to-connect-to-Snowflake-from-DBeaver

リンク

15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) - Help Net Security

ya--mada 2024/05/28

あとで読む

リンク

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) - Help Net Security

Please turn on your JavaScript for this page to function normally. New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version control system for collaborative software development. It can be installed on machines runn

ya--mada 2024/05/18

visual studioの話か

リンク

Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) - Help Net Security

ya--mada 2024/05/09

あとで読む

リンク

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks - Help Net Security

ya--mada 2024/05/05

あとで読む

リンク

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades - Help Net Security

ya--mada 2024/05/01

あとで読む

リンク

Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) - Help Net Security

ya--mada 2024/04/12

あとで読む

リンク

Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning - Help Net Security

ya--mada 2024/04/05

あとで読む

リンク

Week in review: Ivanti fixes RCE vulnerability, Nissan breach affects 100,000 individuals - Help Net Security

ya--mada 2024/03/25

あとで読む

リンク

Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337) - Help Net Security

ya--mada 2024/03/10

あとで読む

リンク

Battery maker Varta halts production after cyberattack - Help Net Security

ya--mada 2024/02/15

あとで読む

リンク

Key strategies for ISO 27001 compliance adoption - Help Net Security

ya--mada 2024/02/14

27001って、どう変わったんすか？

リンク

SiCat: Open-source exploit finder - Help Net Security

ya--mada 2024/02/14

あとで読む

リンク

Week in review: 10 must-read cybersecurity books, AnyDesk hack, Patch Tuesday forecast - Help Net Security

ya--mada 2024/02/11

あとで読む

リンク

PoC for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) - Help Net Security

ya--mada 2024/01/26

またかあ、一度、派手に脆弱性が見つかると次々と発覚する。javaなのかな？

リンク

Attackers can steal NTLM password hashes via calendar invites - Help Net Security

ya--mada 2024/01/23

あとで読む

リンク

Attribute-based encryption could spell the end of data compromise - Help Net Security

ya--mada 2024/01/21

あとで読む

リンク

Subdominator: Open-source tool for detecting subdomain takeovers - Help Net Security

ya--mada 2023/12/28

あとで読む

リンク

New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164) - Help Net Security

Please turn on your JavaScript for this page to function normally. The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an attacker to manipulate file upload parameters to enable path traversal. Under some