OGNL injection in Confluence Server & Data Center allows unauthenticated remote code execution
0verture: The Prelude Podcast CVE-EP16Listen now (58 min) | What is a TTP? What is wrong with threat hunting classifications and ideas on how to enhance it.
and
CVE-2022-22965 (Spring4Shell): Remote code execution in Spring Framework.
0verture: The Prelude Podcast CVE-EP15Listen now | Automated Security Software Landscape
, , and
OGNL injection allows unauthenticated remote code execution
Apache HTTP path traversal and remote code execution
and
1
Starting today, TTP Tuesday releases will include #CVE exploit tests. The first few will focus on Linux and include brand new, and…
Shifting gears into a binary interpretation of your offensive security (testing) results
2
Subverting Mark-of-the-Web trust controls
Linux SSH worm and wiper
3
0verture: The Prelude Podcast CVE-EP14Listen now (47 min) | Roundtable discussion on the economy and how it will possibly impact the cyber security industry
, , and
1
Replicating TraderTraitor
1