Peter Robards
@PeterRobards

2.9K posts

IT Professional. Entertainer. Filmmaker. Writer.

United States. Joined July 2009
716 Following, 319 Followers
Peter Robards
Peter Robards@PeterRobards·
CVE-2023-27997 tracks an RCE flaw in Fortigate SSL-VPN devices and reports suggest it is likely already being actively exploited. Update your devices asap! Patches released in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, & 7.2.5. #xortigate bleepingcomputer.com/news/security/…
Peter Robards retweeted
Rachel Tobac
Rachel Tobac@RachelTobac·
Some say they feel nervous to use a password manager -- if that feeling is leading you to be less safe & reuse passwords (which btw is the easiest way for me to hack you bc that pw gets breached), then try this trick: 🧂Salt your password manager passwords🧂 Here's the trick:
CNN@CNN

Hackers aren't fooled when you change up your passwords with special characters. SocialProof Security CEO @RachelTobac tells Nightcap's @jonsarlin how to keep your accounts safe. For more, watch the full Nightcap episode: cnn.it/3LukShp

Peter Robards retweeted
MG
MG@_MG_·
Seeing lots of confusion about LastPass breach of encrypted vaults. The biggest risks for actually unlocking the vaults are: - phishing your master password - you having an ultra weak password, or something already known (ex: cred reuse or in a wordlist) 🧵1/n
Peter Robards retweeted
Rachel Tobac
Rachel Tobac@RachelTobac·
DraftKings users saying accounts are hacked & stealing large sums from bank accounts. Many claim 2FA enabled so while it's possible this hack was cred stuffing + 2FA code stealing or SIM swap, could also mean DraftKings themselves are dealing w/ compromise. actionnetwork.com/legal-online-s…
Peter Robards
Peter Robards@PeterRobards·
Excellent write-up about the recently patched #bufferoverflow vulnerability (CVE-2022-3602 & CVE-2022-3786) in #OpenSSL! Affects clients using OpenSSL 3.0.0 - 3.0.6. “Note: OpenSSL 3 is not the same as SSLv3. This vulnerability exists only in OpenSSL Version 3 and not SSLv3.”
Peter Robards
Peter Robards@PeterRobards·
Interesting write-up dissecting the behavior of multiple #malware operations after exploiting CVE-2022-22954 (an RCE vulnerability in #VMware Workspace ONE Access) to gain access! This was patched back in April, but it’s still being actively probed for… fortinet.com/blog/threat-re…
Peter Robards
Peter Robards@PeterRobards·
"Fortinet is aware of an instance where this vulnerability [CVE-2022-40684] was exploited, and recommends immediately validating your systems against the following indicator of compromise in the device's logs: user="Local_Process_Access"..." #patchnow bleepingcomputer.com/news/security/…
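As an added example (not from the tweet, Fortinet, or BleepingComputer), a small Python check that parses FortiOS-style key=value event log records and flags those whose user field carries the exact indicator quoted above; the sample records are constructed, and every field name other than user is an assumption about the log layout.

```python
import re
from typing import Dict, Iterable, List

# FortiOS event logs are flat key=value records; string values are double-quoted
# and may contain spaces. The regex captures a quoted value or a bare token.
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

# Indicator quoted from the Fortinet advisory in the tweet above.
IOC_USER = "Local_Process_Access"


def parse_fortios_line(line: str) -> Dict[str, str]:
    """Split one key=value log record into a dict, dropping surrounding quotes."""
    fields: Dict[str, str] = {}
    for key, value in KV_RE.findall(line):
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            value = value[1:-1]
        fields[key] = value
    return fields


def find_ioc_hits(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return the parsed records whose user field equals the indicator.

    The comparison is exact on the parsed value, so a near-miss such as
    user="Local_Process_Access_test" is not reported as a hit.
    """
    return [ev for ev in map(parse_fortios_line, lines) if ev.get("user") == IOC_USER]


# Constructed sample records (hypothetical, not captured from a real device).
SAMPLE_LOG = [
    'date=2022-10-10 time=09:12:44 type="event" subtype="system" user="admin" '
    'ui="https(203.0.113.5)" action="login" status="success" msg="Administrator admin logged in"',
    'date=2022-10-10 time=09:13:01 type="event" subtype="system" user="Local_Process_Access" '
    'ui="https(203.0.113.99)" action="Add" cfgpath="system.admin" msg="Add system.admin backup"',
    'date=2022-10-10 time=09:13:30 type="event" subtype="system" user="Local_Process_Access_test" '
    'ui="https(203.0.113.7)" action="Edit" cfgpath="system.global" msg="Edit system.global"',
]

if __name__ == "__main__":
    for hit in find_ioc_hits(SAMPLE_LOG):
        print(f'{hit["date"]} {hit["time"]} ui={hit["ui"]} action={hit["action"]} msg={hit["msg"]}')
```

Feed it real exported event logs one record per line; any hit is a prompt to review what that record changed (the cfgpath and msg fields here), not proof of compromise on its own.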
Peter Robards
Peter Robards@PeterRobards·
If you rely on Fortinet’s FortiGate firewall or FortiProxy then you need to update ASAP! A critical authentication bypass vulnerability was discovered (CVE-2022-40684) allowing attackers to gain administrative control via malicious HTTP/HTTPS requests… bleepingcomputer.com/news/security/…
Peter Robards
Peter Robards@PeterRobards·
Excellent 🧵 discussing the two recently discovered zero-day vulnerabilities in Microsoft’s Exchange Server: CVE-2022-41040 (server-side request forgery), and CVE-2022-41082 (remote-code execution). Read the equally excellent more in-depth write-up here: doublepulsar.com/proxynotshell-…
Peter Robards
Peter Robards@PeterRobards·
Good article discussing the recent successful #phishing attack against Uber. Key takeaway: “So far, the only forms of MFA that are phishing-resistant are those that comply with an industry standard known as FIDO2. It remains the MFA gold standard.” arstechnica.com/information-te…
Peter Robards
Peter Robards@PeterRobards·
Great thread 🧵 about enabling MFA Number Matching for Azure and Office 365 environments. For organizations that are stuck relying on push notifications this is a good first step towards hampering MFA fatigue attacks that recently compromised companies like Uber, Cisco, et al.
Sean Metcalf@PyroTek3

Due to breaches involving MFA bombing (attacker keeps sending MFA requests until accepted) now is the time for organizations with Office 365 to enable MFA number matching in Microsoft Authenticator. You can deploy to a group before configuring for all. docs.microsoft.com/en-us/azure/ac… 1/3

Peter Robards retweeted
Tabletop Scenarios
Tabletop Scenarios@badthingsdaily·
An employee is repeatedly receiving MFA push notifications.
Peter Robards retweeted
Rachel Tobac
Rachel Tobac@RachelTobac·
🚨ATTENTION🚨 Apple found two 0-days actively in use that could effectively give attackers full access to device. For most folks: update software by end of day If threat model is elevated (journalist, activist, targeted by nation states, etc): update now techcrunch.com/2022/08/17/iph…
Peter Robards
Peter Robards@PeterRobards·
Some fallout from the recent successful #phishing attack against #twilio… If you rely on Signal, today is a great day to consider enabling registration lock on your account!
Signal@signalapp

Recently @twilio, which provides SMS verification services for Signal, suffered a phishing attack. Via Twilio, attackers may have accessed phone numbers & SMS registration codes for 1,900 Signal users. 1/

Peter Robards
Peter Robards@PeterRobards·
Great thread 🧵 discussing a sophisticated SMS #phishing attack (very similar to the successful one against Twilio reported yesterday) and how #Cloudflare successfully thwarted it via defense in depth and relying on FIDO security keys as their MFA…
Rachel Tobac@RachelTobac

*Update on SMS Phish Methods* Cloudflare saw similar attack as Twilio, stages: 1. SMS phish 2. Cred harvest page (Okta, etc) 3. Creds relayed fast to attacker via Telegram 4. TOTP harvest page 5. TOTP relay to attacker 6. Anydesk payload (remote access tool) blog.cloudflare.com/2022-07-sms-ph…

Peter Robards retweeted
Rachel Tobac
Rachel Tobac@RachelTobac·
Twilio published an incident here that used social engineering on employees to gain access to credentials then internal systems via SMS phishing. Criminals pretexted as IT Support & used SSO likeness w/in domain. Recommend FIDO security keys for this team! twilio.com/blog/august-20…