Found 15 bookmarks
Newest
PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
Recent findings by Aqua Nautilus have exposed significant flaws that are still active in the PowerShell Gallery's policy regarding package names and owners. These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package. Consequently, these flaws pave the way for potential supply chain attacks on the registry's vast user base.
#aquasec#EN#2023#PowerHell#PowerShell#Gallery#typosquatting
·blog.aquasec.com·
PowerHell: Active Flaws in PowerShell Gallery Expose Users to Attacks
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately
#zerodayinitiative#EN#2022#0-day#CVE-2022-41040#CVE-2022-41082#PowerShell
·zerodayinitiative.com·
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately
#zerodayinitiative#EN#2022#0-day#CVE-2022-41040#CVE-2022-41082#PowerShell
·zerodayinitiative.com·
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend