Ron Bowes
@iagox86
Work smart, not hard
Mastodon: [email protected]
ID:113150429
https://blog.skullsecurity.org 10-02-2010 21:41:08
8,5K Tweets
6,0K Followers
329 Following
We published a tag today for CVE-2023-48788, a CVSS 9.8 SQL 💉 injection vulnerability in FortiNet FortiClientEMS, thanks to our friends at Horizon3.ai viz.greynoise.io/tags/fortinet-…
Christophe Tafani-Dereeper Ron Bowes ϻг_ϻε The only one I can provide, is that was accidentally found while pentesting perimeter of our client, reported without details and with recommendation to immediately isolate device and wait for vendor's reaction. How Ivanti classified and played the vulnerability - it's their part
Tag for Fortra GoAnywhere CVE-2024-0204 (based on Horizon3 Attack Team's details) is live. Will be interesting to see what folks try! viz.greynoise.io/tag/goanywhere…
🥪 & #threatintel : We just pushed out this blog post with examples of Ivanti exploitation used for crypto mining. We've also included relevant IOCs and a link to a Gist containing naughty IPs.
greynoise.io/blog/ivanti-co…