home.social

Search

17 results for “sma1”

  1. Pyrzout :vm: @[email protected] ·

    Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) helpnetsecurity.com/2025/05/08 #securityupdate #vulnerability #Don'tmiss #SonicWall #Hotstuff #Rapid7 #News #SMBs #VPN

    #securityupdate #vulnerability #don #sonicwall #hotstuff #rapid7
  2. The DefendOps Diaries @[email protected] ·

    SonicWall’s SMA100 devices are in the spotlight after some dangerous vulnerabilities were discovered—think of it like leaving your front door wide open. Are your defenses up to speed to block these potential intruders?

    thedefendopsdiaries.com/unders

    #sonicwall
    #cybersecurity
    #vpnsecurity
    #vulnerabilitymanagement
    #infosec

    #sonicwall #cybersecurity #vpnsecurity #vulnerabilitymanagement #infosec
  3. The DefendOps Diaries @[email protected] ·

    SonicWall’s SMA100 devices are in the spotlight after some dangerous vulnerabilities were discovered—think of it like leaving your front door wide open. Are your defenses up to speed to block these potential intruders?

    thedefendopsdiaries.com/unders

    #sonicwall
    #cybersecurity
    #vpnsecurity
    #vulnerabilitymanagement
    #infosec

    #infosec #vulnerabilitymanagement #vpnsecurity #cybersecurity #sonicwall
  4. circl @[email protected] ·

    A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

    #sonicwall #vulnerabilitymanagement #cybersecurity

    CVE-2025-40602

    🔗 vulnerability.circl.lu/vuln/CV

    #sonicwall #vulnerabilitymanagement #cybersecurity
  5. circl @[email protected] ·

    A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

    #sonicwall #vulnerabilitymanagement #cybersecurity

    CVE-2025-40602

    🔗 vulnerability.circl.lu/vuln/CV

    #sonicwall #vulnerabilitymanagement #cybersecurity
  6. circl @[email protected] ·

    A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

    #sonicwall #vulnerabilitymanagement #cybersecurity

    CVE-2025-40602

    🔗 vulnerability.circl.lu/vuln/CV

    #sonicwall #vulnerabilitymanagement #cybersecurity
  7. circl @[email protected] ·

    A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

    #sonicwall #vulnerabilitymanagement #cybersecurity

    CVE-2025-40602

    🔗 vulnerability.circl.lu/vuln/CV

    #cybersecurity #vulnerabilitymanagement #sonicwall
  8. circl @[email protected] ·

    A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).

    #sonicwall #vulnerabilitymanagement #cybersecurity

    CVE-2025-40602

    🔗 vulnerability.circl.lu/vuln/CV

    #sonicwall #vulnerabilitymanagement #cybersecurity
  9. Pyrzout :vm: @[email protected] ·

    U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com ciso2ciso.com/u-s-cisa-adds-so #KnownExploitedVulnerabilitiesCatalog #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs

    #knownexploitedvulnerabilitiescatalog #rssfeedpostgeneratorecho #informationsecuritynews #itinformationsecurity #securityaffairscom #cybersecuritynews
  10. dawnfry @[email protected] ·

    @BootyLasher
    Personally, I know someone who used to work in social services connecting people to low-cost medication options. I’m sure she still knows people and can get the word out about Naloxone now being over the counter to both government and local social service agencies.

    If I can get a copy of the instructions, I can probably make a web page that is an accessible and layman-friendly copy. (My field is instructional design.) If I can’t get it done (disability) I may rope in a couple of coworker/friends into the project. Then people can just pass around the link through social media.

    (See above in this thread for ways other people can help.)

    There’s a lot of good information here, but it’s too dense of a text for emergency needs. What people need is more of a job aid style document they can print out and put with the med or on the fridge.

    store.samhsa.gov/sites/default

    #Naloxone
    #Opioids
    #OpioidEpidemic
    #StopOpioidDeaths
    #Medical
    #MedicalActivism
    #MedicalEducation

    #naloxone #opioids #opioidepidemic #stopopioiddeaths #medical #medicalactivism
  11. dawnfry @[email protected] ·

    @BootyLasher
    Personally, I know someone who used to work in social services connecting people to low-cost medication options. I’m sure she still knows people and can get the word out about Naloxone now being over the counter to both government and local social service agencies.

    If I can get a copy of the instructions, I can probably make a web page that is an accessible and layman-friendly copy. (My field is instructional design.) If I can’t get it done (disability) I may rope in a couple of coworker/friends into the project. Then people can just pass around the link through social media.

    (See above in this thread for ways other people can help.)

    There’s a lot of good information here, but it’s too dense of a text for emergency needs. What people need is more of a job aid style document they can print out and put with the med or on the fridge.

    store.samhsa.gov/sites/default

    #Naloxone
    #Opioids
    #OpioidEpidemic
    #StopOpioidDeaths
    #Medical
    #MedicalActivism
    #MedicalEducation

    #naloxone #opioids #opioidepidemic #stopopioiddeaths #medical #medicalactivism
  12. dawnfry @[email protected] ·

    @BootyLasher
    Personally, I know someone who used to work in social services connecting people to low-cost medication options. I’m sure she still knows people and can get the word out about Naloxone now being over the counter to both government and local social service agencies.

    If I can get a copy of the instructions, I can probably make a web page that is an accessible and layman-friendly copy. (My field is instructional design.) If I can’t get it done (disability) I may rope in a couple of coworker/friends into the project. Then people can just pass around the link through social media.

    (See above in this thread for ways other people can help.)

    There’s a lot of good information here, but it’s too dense of a text for emergency needs. What people need is more of a job aid style document they can print out and put with the med or on the fridge.

    store.samhsa.gov/sites/default

    #Naloxone
    #Opioids
    #OpioidEpidemic
    #StopOpioidDeaths
    #Medical
    #MedicalActivism
    #MedicalEducation

    #naloxone #opioids #opioidepidemic #stopopioiddeaths #medical #medicalactivism
  13. Opalsec :verified: @[email protected] ·

    Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you hand - catch up on the week’s infosec news with the latest issue of our newsletter:

    opalsec.substack.com/p/soc-gou

    #Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with tier tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

    We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

    North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

    A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

    #HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

    Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

    #Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

    The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

    Catch all this and much more in this week's newsletter:

    opalsec.substack.com/p/soc-gou

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

    #emotet #android #microsoft #intune #byovd #mandiant
  14. Opalsec :verified: @[email protected] ·

    Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you hand - catch up on the week’s infosec news with the latest issue of our newsletter:

    opalsec.substack.com/p/soc-gou

    #Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with tier tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

    We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

    North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

    A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

    #HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

    Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

    #Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

    The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

    Catch all this and much more in this week's newsletter:

    opalsec.substack.com/p/soc-gou

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

    #emotet #android #microsoft #intune #byovd #mandiant
  15. Opalsec :verified: @[email protected] ·

    Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you hand - catch up on the week’s infosec news with the latest issue of our newsletter:

    opalsec.substack.com/p/soc-gou

    #Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with tier tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

    We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

    North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

    A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

    #HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

    Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

    #Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

    The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

    Catch all this and much more in this week's newsletter:

    opalsec.substack.com/p/soc-gou

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

    #emotet #android #microsoft #intune #byovd #mandiant
  16. Opalsec :verified: @[email protected] ·

    Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you hand - catch up on the week’s infosec news with the latest issue of our newsletter:

    opalsec.substack.com/p/soc-gou

    #Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with tier tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

    We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

    North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

    A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

    #HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

    Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

    #Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

    The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

    Catch all this and much more in this week's newsletter:

    opalsec.substack.com/p/soc-gou

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

    #fortiproxy #fortios #dprk #mdm #darkweb #threatintelligence
  17. Opalsec :verified: @[email protected] ·

    Happy Monday folks, I hope you had a restful weekend and managed to take a breather from all things cyber! Time to get back into it though, so let me give you hand - catch up on the week’s infosec news with the latest issue of our newsletter:

    opalsec.substack.com/p/soc-gou

    #Emotet are back and are using…OneNote lures? ISO disk images? Malvertising? Nah – they’re sticking with tier tried and true TTPs – their Red Dawn maldoc template from last year; macro-enabled documents as lures, and null-byte padding to evade automated scanners.

    We’ve highlighted a report on the Xenomorph #Android Banking Trojan, which added support for targeting accounts of over 400 banks; automated bypassing of MFA-protected app logins, and a Session Token stealer module. With capabilities like these becoming the norm, is it time to take a closer look at the threat Mobile Malware could pose to enterprise networks?

    North Korean hackers have demonstrated yet again that they’re tracking and integrating the latest techniques, and investing in malware development. A recent campaign saw eight new pieces of malware distributed throughout the kill chain, leveraging #Microsoft #InTune to deliver payloads and an in-memory dropper to abuse the #BYOVD technique and evade EDR solutions.

    A joint investigation by #Mandiant and #SonicWall has unearthed a two-year campaign by Chinese actors, enabled through exploitation of unpatched SMA100 appliances and delivery of tailored payloads. A critical vulnerability reported by #Fortinet this week helps reinforce the point that perimeter devices need to be patched with urgency, as it’s a well-documented target for Chinese-affiliated actors.

    #HiatusRAT is a novel malware targeting #DrayTek routers, sniffing network traffic and proxying C2 traffic to forward-deployed implants. TTPs employed in recent #BatLoader and #Qakbot campaigns are also worth taking note of, as is #GoBruteforcer, a new malware family targeting specific web server applications to brute force logins and deploy an IRC bot for C2.

    Those in Vulnerability Management should take particular note of the #Veeam vulnerability, which appears trivial to exploit and actually delivers plaintext credentials to the attacker. CISA have also taken note of nearly 40k exploit attempts of a 2 year old code-exec-as-root vulnerability in the #VMWare Cloud Foundation product in the last two months, so make sure you’re patched against it.

    #Redteam members have some excellent reading to look forward to, looking at HTTP request smuggling to harvest AD credentials and persisting with a MitM Exchange server, as well as a detailed post that examines #CobaltStrike’s reflective loading capability;

    The #blueteam has some great tradecraft tips from @inversecos on #Azure DFIR, as well as tools to help scan websites for malicious objects, and to combat the new #Stealc #infostealer and well-established Raccoon Stealer.

    Catch all this and much more in this week's newsletter:

    opalsec.substack.com/p/soc-gou

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #newsletter #hacking #security #technology #hacker #vulnerability #vulnerabilities #malware #ransomware #dfir #soc #threatintel #threatintelligence #DarkWeb #mdm #dprk #FortiOS #FortiProxy

    #emotet #android #microsoft #intune #byovd #mandiant