noways

🇬🇧 Episod 3 of Optistream "Show Case" series. Map your #cloud in few clicks and quickly assess its security against in-depth infiltrations. This article shows practical example on AWS cloud. 🇫🇷 Épisode 3 de notre série "Show Case" Cartographiez votre environnement #cloud en quelques clics et évaluez rapidement sa robustesse face aux attaques en profondeur. Cet article présente un exemple concret dans le cloud AWS. #cybersecurity #segmentation #aws https://lnkd.in/eyD-Bv4c

🇬🇧 Yesterday, cybersecurity firm Qualys published details of the #regreSSHion vulnerability (CVE-2024-6387) affecting OpenSSH (versions >= 8.5p1 up to and including 9.7p1). This is a critical vulnerability enabling an unauthenticated remote attacker to execute arbitrary code with administrator privileges on glibc-based Linux systems (e.g. Debian). Qualys has determined that around 700K vulnerable servers would be exposed on the Internet. The vulnerability is a regression bug that has been previously fixed (CVE-2006-5051), this is a race condition in the signal handler that can occur during the user authentication process. An attacker can force this signal to be triggered under specific conditions in order to manipulate the memory layout and exploit allocation primitives to corrupt certain critical structures and execute code (RCE). The researchers were able to exploit the bug in laboratory conditions on systems lacking recent protection mechanisms against the exploitation techniques employed, such as ASLR. The complex exploitation presented by the Qualys team takes a long time (up to several hours - https://lnkd.in/dYDNDvCy), and although mass exploitation does not yet appear to be on the cards, targeted attacks are still possible. OpenSSH versions from 4.4p1 to 8.5p1 are not affected by this vulnerability. The suggested remediations are: -         Update OpenSSH to its latest version (9.8p1 - https://lnkd.in/g7yguR_N) -         If the update cannot be applied immediately, setting the LoginGraceTime variable to 0 in /etc/ssh/sshd_config followed by a service restart will prevent the vulnerability from being exploited -         More generally, Qualys recommends robust network segmentation to block lateral movement in the event of compromise. The Optistream solution considers these attack scenarios where your servers exposed to the Internet may be compromised (VPN, jump hosts...), and enables you to assess the impact by determining the attack paths that attackers may take once the initial compromise has taken place. https://lnkd.in/g53zkeXv

🇬🇧 Episod 2 of Optistream "Show Case" series. Optistream's automated security audit: discover hidden attack paths and contagious nodes within your hybrid-network. 🇫🇷 Épisode 2 de notre série "Show Case" Audits de sécurité automatisés d'Optistream : révélez les chemins d'attaques et les nœuds contagieux de votre infrastructure hybride. #cloud #cybersecurity #attack #lateralmovement https://lnkd.in/ep3UtR2s 

🇬🇧 Take a look at what Optistream can do through our "Show Case" series. Episode 1: build the digital twin of your hybrid-network (on-prem & #cloud) in record time! 🇫🇷 Découvrez les capacités d'Optistream au travers de notre série d'articles "Show Case". Épisode 1 : créez le "digital twin" de votre infrastructure hybride (on-prem & #cloud) en un temps record! #network #security #map #compliance https://lnkd.in/em4enbi9

🇬🇧 Optistream has recently discovered and published about a critical vulnerability affecting the #ZeroTrust SecurEnvoy MFA product (CVE-2024-37393), which allows an attacker to exfiltrate your Active Directory from the Internet. Security update available in version 9.4.514. Read more on our blog. 🇫🇷 Optistream a récemment découvert et publié au sujet d'une vulnérabilité critique affectant le produit #ZeroTrust SecurEnvoy MFA (CVE-2024-37393), celle-ci permet à un attaquant d'exfiltrer votre Active Directory depuis Internet. Mise à jour de sécurité disponible dans la version 9.4.514. Retrouvez les détails sur notre blog. #vulnerability #2fa #activedirectory #pentest https://lnkd.in/emuw47mm

Première publication d'Optistream dans MISC demain dans les kiosques: Analyse des firmwares FortiGate #MISC #cybersecurity #firmware #fortinet #reverseengineering #cryptography Détails ici: https://lnkd.in/gJdrxYQ9

🇬🇧 Check out our first episod of #redteam tales where we share a real-world case of XXE exploitation during client #pentest engagement. 🇫🇷 Découvrez notre premier épisode de #redteam tales où nous partageons un cas réel d'exploitation XXE lors d'un engagement client #pentest. #webexploitation #bugbounty #infosec #cybersecurity Link here: https://lnkd.in/ehCsYnYJ

Discover our latest publication on Segmentation & Zero Trust #zerotrust #segmentation #networksecurity #dora #nis2

Optistream at GISEC - Day #2

Optistream at GISEC - Day #1