CipherTechs, Inc.

693 posts

CipherTechs, Inc.

@CipherTechs

CipherTechs is a global Cyber Security service provider founded in 2001 that remains privately held with headquarters in New York City.

New York, NY Присоединился Mayıs 2010

296 Подписки364 Подписчики

Закреплённый твит

CipherTechs, Inc.@CipherTechs·27 Mar

CipherTechs discovered an admin authentication bypass 0day in JFrog Artifactory. ciphertechs.com/jfrog-artifact…. Patches and work around are available. Be sure to find out if your in-house dev team uses Artifactory. Shout-outs to @jfrog for their vuln disclosure process!

English

CipherTechs, Inc.@CipherTechs·22 Ağu

Update Chrome! chromereleases.googleblog.com/2022/08/stable…

English

CipherTechs, Inc.@CipherTechs·3 Ağu

Auth bypass affecting multiple VMware products kb.vmware.com/s/article/89096

English

CipherTechs, Inc. ретвитнул

mgeeky | Mariusz Banach@mariuszbit·13 Tem

- "... and then he said to sign my malware.exe with faked Microsoft cert to evade AVs/EDRs. Would you believe?" (￣y▽￣)╭ Ohohoho..... Sign-Artifact.ps1 - based on @mattifestation research & implementation shamelessly borrowed here: github.com/mgeeky/Penetra…

English

325

CipherTechs, Inc.@CipherTechs·25 Tem

Patch Atlassian products: confluence.atlassian.com/security/july-…

English

CipherTechs, Inc.@CipherTechs·10 Tem

OpenSSL RCE openssl.org/news/secadv/20…

Dansk

CipherTechs, Inc.@CipherTechs·8 Haz

zyxel.com/support/Zyxel-… Pedro and Darren from CipherTechs Red Team credited in Zyxel advisory

English

CipherTechs, Inc.@CipherTechs·3 Haz

Months of fun for pentesters - new Confluence exploitable bug cisa.gov/uscert/ncas/cu…

English

CipherTechs, Inc.@CipherTechs·30 May

cisa.gov/known-exploite… sort by date added. These are actively exploited bugs - good priority list for patching.

English

CipherTechs, Inc.@CipherTechs·19 May

cisa.gov/uscert/ncas/al… there's been a few of these. Along with patching, be sure to remove management interfaces from the Internet.

English

CipherTechs, Inc.@CipherTechs·22 Nis

WSO2 exploit for CVE-2022-29464 is now public github.com/hakivvi/CVE-20… Patch details here docs.wso2.com/display/Securi…

English

CipherTechs, Inc.@CipherTechs·30 Mar

@dio9sys We'd love to talk to you. Fully remote position, opportunities to work SOC, develop detections, automation, write Python, and get real-world DFIR experience

English

Dio9sys@dio9sys·28 Mar

Anybody know of a good remote soc job I could apply for? I've got 1.5 years soc analyst experience, more years general tech experience, know my way around the terminal, elk stack and splunk and am learning dfir. Can't go into details, but my current company is going nuclear

English

CipherTechs, Inc.@CipherTechs·29 Mar

Senior Penetration Tester infosec-jobs.com/job/9860-senio…

English

CipherTechs, Inc. ретвитнул

vx-underground@vxunderground·22 Mar

LAPSUS$ extortion group claims to have breached @Okta. They have released 8 photos as proof. The photos we are sharing has been edited so no sensitive information or user identities are displayed. Image 1 - 4 attached below.

English

265

680

CipherTechs, Inc. ретвитнул

SecureWorld@SecureWorld·17 Mar

Sandy Bacik, Director of Audit and Compliance at @CipherTechs, will present on PCI 4.0 next week at SecureWorld Philadelphia. See the conference agenda and register here: hubs.li/Q0168mQt0 #SWPHL22 #GRC

English

CipherTechs, Inc.@CipherTechs·17 Mar

Another fun Linux LPE dirtypipe.cm4all.com

English

CipherTechs, Inc.@CipherTechs·11 Mar

container escape unit42.paloaltonetworks.com/cve-2022-0492-…. "Containers running with AppArmor, SELinux or Seccomp are protected"

English

CipherTechs, Inc.@CipherTechs·17 Şub

Zabbix RCE twitter.com/SonarSource/st…

Sonar@SonarSource

Our researchers discovered a high-severity code vulnerability in the open-source monitoring platform Zabbix. Learn more about this authentication bypass in our latest publication🔥 blog.sonarsource.com/zabbix-case-st… #appsec #cve-2022-23131 #cve-2022-23134

English

CipherTechs, Inc.@CipherTechs·27 Oca

blog.qualys.com/vulnerabilitie… Polkit LPE. Reminder to make removing setuid part of your standard Linux builds.

English

CipherTechs, Inc. ретвитнул

The DFIR Report@TheDFIRReport·5 Ağu

Can confirm! ➡️Splashtop SRUtility.exe ➡️AnyDesk AnyDesk.exe AnyDeskMSI.exe ➡️Atera AteraAgent.exe AgentPackageSTRemote.exe AgentPackageHeartbeat.exe AgentPackageWindowsUpdate.exe AgentPackageADRemote.exe Thanks for sharing @AltShiftPrtScn!

PeterM🌻@AltShiftPrtScn

#Conti ransomware affiliates using AnyDesk, Atera, Splashtop, Remote Utilities and ScreenConnect to maintain network access. During initial stage of IR I recommend blocking ALL remote access tools via Application Control policies, allow only the ones required & monitor their use.

English

132

CipherTechs, Inc.@CipherTechs·17 Oca

Arbitrary file write on Windows domain controllers bugs.chromium.org/p/project-zero…. Microsoft guidance here msrc.microsoft.com/update-guide/v…

English

Открыть

@mattifestation @dio9sys @okta @AltShiftPrtScn @elonmusk @BarackObama @taylorswift13 @cristiano