shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

268
active users

#pulsesecure

0 posts0 participants0 posts today
Maxime Thiebaut<p>We're still discovering further ramifications to <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a>'s <a href="https://infosec.exchange/tags/PulseSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PulseSecure</span></a> vulnerabilities (<a href="https://infosec.exchange/tags/CVE_2023_46805" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2023_46805</span></a> &amp; <a href="https://infosec.exchange/tags/CVE_2024_21887" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE_2024_21887</span></a>). In February, we identified two new backdoors: <a href="https://infosec.exchange/tags/SparkCockpit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SparkCockpit</span></a> &amp; <a href="https://infosec.exchange/tags/SparkTar" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SparkTar</span></a>. Both backdoors employ selective interception of TLS communication, offer multiple degrees of persistence and access possibilities into the victim network (e.g., traffic tunneling through SOCKS proxy).</p><p>👀 Analysis &amp; detection rules at <a href="https://blog.nviso.eu/2024/03/01/covert-tls-n-day-backdoors-sparkcockpit-sparktar/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.nviso.eu/2024/03/01/cover</span><span class="invisible">t-tls-n-day-backdoors-sparkcockpit-sparktar/</span></a></p><p>The findings of our investigation have been independently corroborated by the research performed by Mandiant and have partially been observed by Fortinet.</p><p><a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseengineering</span></a></p>
Lisa Lorenzin (she/her)<p>True facts. AFAICT, the <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> mess is technical-debt chickens coming home to roost. I was at <a href="https://infosec.exchange/tags/NetScreen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetScreen</span></a> when we acquired <a href="https://infosec.exchange/tags/Neoteris" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Neoteris</span></a> (originators of the <a href="https://infosec.exchange/tags/SSLVPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSLVPN</span></a> product), and then over the next two decades <a href="https://infosec.exchange/tags/Juniper" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Juniper</span></a> &gt; <a href="https://infosec.exchange/tags/PulseSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PulseSecure</span></a> &gt; <a href="https://infosec.exchange/tags/Ivanti" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ivanti</span></a> have tortured that legacy codebase with everything from FrankenNAC to PE-driven developer offshoring to bolt-on cloud-service offerings. TBH the only thing that surprises me about this is that it took so long. <br>Pouring one out for what was truly a revolutionary <a href="https://infosec.exchange/tags/VPN" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VPN</span></a> solution when it debuted 20-some years ago...</p>