Yesterday a new vulnerability, Type 1 Font Parsing Remote Code Execution Vulnerability, was released.
While a patch has not yet been released to fix this issue, there is a workaround that involves disabling preview in Windows Explorer:
Read More
This is not a ‘Here’s what we’re doing in the wake of COVID-19.’ The team at LARG*net continues to work hard to serve members’ needs. We serve the health care community and have assisted with spinning up temporary facilities. Extra bandwidth has been allocated as traffic patterns shift to accommodate teleworking and online classes. We understand that all members are swamped at this time and encourage you to get ahead of potential future problems by planning now.
Read More
As per the advisory this is unauthenticated remote code execution of a network service. There isn’t a higher threat than this category.
Read More
Icarus is a honeypot project that pretends to be a Microsoft Exchange and File Services server running various common services. My AbuseIPDB profile contains a summary of all IPs I’ve caught using Icarus. It’s not uncommon to see China, Russia, and even the USA attacking the honeypot here though virtually every country appears on the list.
Read More
I decide to give CVE-2018-17246 a try using this exploit on GitHub. I follow their steps exactly: first creating a shell.js with my unprivileged user and using Burp Suite to craft my exploit by literally copying and pasting the rest. I find myself with another very limited shell but at least I’m the Kibana user now:
Read More