SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately https://t.co/lMzIeVj0Qs https://t.co/vVTcshafwX
HAKFLOW的动态
最相关的动态
-
[CVE-2024-11237: HIGH] Critical vulnerability in TP-Link VN020 F3v(T) TT_V6.2.1021's DHCP DISCOVER Packet Parser allows remote stack-based buffer overflow attacks via hostname manipulation. Public exploit disclosed. Take precautions. https://lnkd.in/eyQwPJqG
-
-
[CVE-2024-6424: CRITICAL] Vulnerability in MESbook 20221021.03 allows remote attackers to access files & network resources via "/api/Proxy/Post" endpoint. Update to secure against external server-side request exploit. https://lnkd.in/ekUaetbi
-
-
Cybersecurity Enthusiast - I shared "Cybersecurity News Everyday" Twitter/X @TweetThreatNews
Critical vulnerabilities in Planet Technology's WGS-804HPT switches allow for remote code execution. Patches are available for CVE-2024-52558, CVE-2024-52320, and CVE-2024-48871. ?? #PlanetTechnology #IndustrialControl #USA #CybersecurityNews Link: https://ift.tt/DL3yH8N
-
-
#Phlashing Attack #What is Phlashing? Phlashing is a type of Denial of Service (DoS) Attack, also known as a Permanent Denial of Service Attack (PDoS) which is very severe because there is no way to undo this attack’s consequences as it damages/corrupts the system to such an extreme level that there is no other way except to replace or reinstall the Hardware and this may also result in permanent data loss. It was first demonstrated by HP’s Head of System Security when they noticed a flaw/vulnerability, that ultimately lead to the crashing of the system. Reference: https://lnkd.in/guz2pPDJ
-
-
"Network Nightmare" Mindmap. It is a mindmap for conducting network attacks. For the most part, it will be useful to pentesters or red team operators. ? Traffic Hijacking; ? MiTM Attacks; ? Dynamic IGP Routing; ? Configuration Exfiltration; ? DoS; ? NAC/802.1X Bypassing; ? GRE Pivoting; ? Cisco EEM for hiding user; ? Authentication Cracking; ? Information Gathering; ? Cisco Passwords; ? VLAN Bypassing. Source : https://lnkd.in/gPZFw6UM
-
TunnelVision exploits DHCP option 121, diverting VPN traffic outside the tunnel, nullifying encryption. Attack technique works regardless of the encryption algorithm. Proposed mitigations pose challenges as no complete fixes are available. For more: https://bit.ly/3ptPjLZ
-
-
Writing Pizzas ?? and Eating Code ???? - Senior Developer (PHP / Go / TypeScript)
How to mitigate a DDoS attack on a small server MetricsWave was the target of a DDoS attack. It receives about 750k requests per hour for 8 hours. I don't know what the goal was; I guess it's what happens when you share your projects publicly, but now the service is faster and more stable than ever! Let me tell your how I did it. https://lnkd.in/dGpia2H8
-
-
Head of cyber security at sociumpartner ! cyber security researcher ! penetration tester ! Cloud AWS ! Azure ! web3 ! smart contract Auditor !!! > ????????
The HTTP/2 Rapid Reset vulnerability (CVE-2023-44487) exploits the stream cancellation mechanism in the protocol. An attacker sends an RST_STREAM frame immediately after sending a request frame. This instructs the server to start processing the request but quickly cancels it. Despite the request being canceled, the HTTP/2 connection remains open, allowing new streams to be created. As a result, the server needs to allocate resources and perform processing tasks, leading to a denial-of-service scenario. Mitigation and solution: https://lnkd.in/dZM95i8i
-
