Busy day for many companies！

Although many security companies have published detailed reports of attacks, for most customers, this is an unsuspecting massacre. Shameful~huntress.com/hubfs/Mass%20E…

Such mitigation measures should be released as soon as possible, not after the mass attack.

In fact, the attack log has already given clues to the vulnerability...&schema=ResetOABVirtualDirectory ~ reddit.com/r/sysadmin/com…

Yes, APT actors have also noticed this, and the IE 0day (CVE-2021-26411) attack carried out in the wild was also hunted down by the Chinese security team.

The epic security breach massacre that lasted three months～

The security of cloud-based IOT devices concentrates all the key points on the supplier company itself, and getting one company puts the entire industry at risk ~ verkada.com/security-updat…

I really want to know the story behind it. I don’t know how much money was lost in this attack.

Godaddy's sso api does not seem to be secure, it is full of security holes, such as yenthanh.medium.com/how-did-i-hack…. But the official should have a better security plan to deal with, and give users an account of the loss.

nice work~

Automatic on-premises Exchange Server mitigation is now in Microsoft Defender Antivirus. We have taken this additional step to further support our customers who have not yet implemented the complete security update. Learn more: msft.it/6017VMA3d

This is not a new thing, a semi-public red team technique, Microsoft's official domain name can become the c&c of cobalt strike! Reference vullnerability.com/blog/microsoft…

nice~ The key is that the directory traversal of ExtractInfFile leads to a predictable path

A joke, the automatic discovery of the windows client normally does not request the TLD, but the external network firewall may block all the automatic discovery requests of the client, causing it to eventually go to the TLD.

YES~Lookups is an object lookup requirement, it has no security design.

This is a privacy detector. All fields related to personal privacy can be filled in.

The ultimate problem of security, all operable and input variables are code execution loopholes, because all variables may be printed in logs. This is a loophole in the annals of history, the ultimate dream of hackers, and the jewel in the crown.

😂

wormable？

How many of these science laws and math equations/constant do you know? [source, zoomable hi-res: buff.ly/2Y9AcHj]