There is currently an encryption campaign targeting ESXi servers up to version 7.x via the CVE-2022-31696 vulnerability, which allows access to data on host systems.
Category: Security
Dec 26
Kerberos Authentication with Veeam v12
Kerberos Authentication with Veeam v12. NTLM authentication is still mandatory for communication between all Veeam infrastructure servers in v11. However, NTLM authentication is still required for communication between Veeam backup infrastructure servers (backup server, backup proxies, backup repositories, guest interaction proxies, log shipping servers, and mount servers). NTLM was subject to several known security vulnerabilities …
Dec 12
Critical Fortigate VPN SSL Vulnerability – CVE-2022-42475
Updated on Tuesday 13, December – Affected versions. Critical VPN SSL Vulnerability (FortiOS): Fortinet has just announced a critical vulnerability in all versions. Vulnerabilities that can be easily exploited remotely to compromise firewall or where remote code execution is considered likely in common situations. Manipulate the dynamic resources of some processes, the goal is to …
Dec 07
Hackers love it when you post pictures of your work environment
Hackers love it when you post pictures of your work environment! We are all proud of what we are doing and proud of the great companies we are working in. But by taking pictures of your work environment for LinkedIn or your career blog you are unintentionally disclosing information about your technical setup. This is …
Nov 24
Identify a piece of malware with Yara
Yara rules classify and identify malware samples by creating descriptions of malware families (it is a tool used to identify files, based on textual or binary pattern). YARA rules are like a piece of programming language, they work by defining a number of variables that contain patterns found in a sample of malware. If some …
Follow me
