Attack Blogs

Filters

Showing 43–48 of 56 results

FortiOS, FortiProxy, and FortiProxySwitchManager Authentication Bypass, CVE-2022-40684

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684)

October 13, 2022 | Attack Blogs

Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiProxySwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the effected system. To demonstrate the vulnerability in this writeup, we will be using FortiOS version 7.2.1

FortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass IOCs (CVE-2022-40684)

October 11, 2022 | Attack Blogs

Introduction The recent FortiOS / FortiProxy / FortiSwitchManager CVE has been reportedly exploited in the wild. We would like to provide additional insight into the vulnerability so users can begin to determine if they have been compromised. In this post we discuss enabling logging and IOCs for FortiOS 7.2.1. These steps will likely work on other vulnerable products, however we...

The Long Tail of Log4Shell Exploitation

July 13, 2022 | Attack Blogs

It's been more than six months since the Log4Shell vulnerability (CVE-2021-44228) was disclosed, and a number of post-mortems have come out talking about lessons learned and ways to prevent the next Log4Shell-type event from happening.

VMware Authentication Bypass Vulnerability (CVE-2022-22972) Technical Deep Dive

May 26, 2022 | Attack Blogs

VMware recently patched a critical authentication bypass vulnerability in their VMware Workspace ONE Access, Identity Manager and vRealize Automation products (CVE-2022-22972). This vulnerability allows an attacker to login as any known local user.

F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive

May 9, 2022 | Attack Blogs

F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system commands.

Using NodeZero to Find and Fix Log4Shell

January 6, 2022 | Attack Blogs

Log4Shell is a "once-in-a-decade" type of vulnerability that will linger in environments for years to come. For a vulnerability with such a broad, lasting impact, it's important to establish a principled and disciplined approach for discovering and remediating it. NodeZero both detects and exploits Log4Shell, surfacing a wealth of information that can be used to understand its real impact and...

« Previous
1
…
6
7
8
9
10
Next »

How can NodeZero help you?

Let our experts walk you through a demonstration of NodeZero, so you can see how to put it to work for your company.

Schedule a Demo

Security Strategies

Industry Insights

Attack Research

Attack Content