‼️🇩🇪 Alleged internal infrastructure data belonging to Allianz has been posted on a cybercrime forum, where a threat actor claims to be releasing approximately 500 internal Docker images totaling around 40 GB.
* Threat actor claims the leak contains ~500 internal Docker images from Allianz infrastructure
* Advertised archive size is approximately 40 GB
* Screenshots appear to show numerous internal microservices, APIs, customer-facing applications, and backend components
* Actor claims the leak contains source code, internal services, and infrastructure-related assets
* Download access appears restricted behind the forum’s paid content system
* Claimed Contents:
  * API keys and service tokens
  * Database credentials
  * Internal microservice source code
  * Hardcoded staging and production credentials
  * TLS private keys and internal certificate authority materials
  * Kubernetes/OpenShift-related components
  * Customer service and insurance-related application services
* Potential Impact:
  * Exposure of internal architecture and attack paths
  * Supply-chain and software security risks
  * Credential compromise and lateral movement opportunities
  * Discovery of vulnerable services and hardcoded secrets
  * Increased risk of future attacks against Allianz infrastructure
* Analyst Note: This is significantly different from a traditional customer-data leak. If authentic, Docker images may expose application source code, configuration files, secrets, infrastructure design, CI/CD artifacts, certificates, and credentials. However, screenshots alone are insufficient to validate the claim. Independent verification is required to determine whether the images are authentic Allianz assets, outdated environments, publicly accessible containers, or recycled material from previous incidents.
#DDW #Intelligence #Allianz #Germany
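The analyst note above lists the kinds of material a leaked image can carry (source, config files, secrets, certificates). The following is an added example, not code from the post or from Allianz, showing how a defender can audit their own `docker save` tarball for such material before it ever leaves the registry. It assumes the standard `docker save` layout (an outer tar holding `manifest.json` plus one tar per layer); the two-layer image it builds, and every credential-looking value in it, are constructed for the demonstration. The pattern names are our own labels.

```python
"""Audit a `docker save` image tarball for hardcoded secrets in its layers.

Added example (not from the original post). Assumes the `docker save`
layout: an outer tar holding manifest.json plus one tar per layer.
The sample image built below is constructed for the demonstration.
"""
import io
import json
import re
import tarfile

# Patterns a defender would flag; labels are our own, not a standard taxonomy.
SECRET_PATTERNS = {
    "private_key": re.compile(rb"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
    "password_assignment": re.compile(rb"(?i)(?:password|passwd|pwd)\s*[=:]\s*\S+"),
    "api_key_assignment": re.compile(rb"(?i)(?:api[_-]?key|secret[_-]?key|token)\s*[=:]\s*\S+"),
}
MAX_FILE_BYTES = 1_000_000  # skip large binaries; secrets live in small text/config files


def scan_layer(layer_bytes):
    """Return (path, label) for every regular file in one layer tar that matches a pattern."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(layer_bytes), mode="r:*") as layer:
        for member in layer:
            if not member.isfile() or member.size > MAX_FILE_BYTES:
                continue
            data = layer.extractfile(member).read()
            for label, pattern in SECRET_PATTERNS.items():
                if pattern.search(data):
                    findings.append((member.name, label))
    return findings


def scan_image(image_bytes):
    """Walk manifest.json and scan each referenced layer; returns a list of finding dicts."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(image_bytes), mode="r:*") as image:
        manifest = json.load(image.extractfile("manifest.json"))
        for entry in manifest:
            for layer_name in entry["Layers"]:
                layer_bytes = image.extractfile(layer_name).read()
                for path, label in scan_layer(layer_bytes):
                    findings.append({"layer": layer_name, "path": path, "finding": label})
    return findings


def _tar_bytes(files):
    """Pack {path: bytes} into an uncompressed tar held in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, content in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def build_sample_image():
    """Constructed two-layer image: a clean base layer and an app layer with leaked secrets."""
    base_layer = _tar_bytes({"etc/os-release": b"ID=debian\n"})
    app_layer = _tar_bytes({
        "app/.env": b"DB_HOST=db.internal\nDB_PASSWORD=constructed-example-pass\n",
        "app/config.yaml": b"api_key: constructed-example-key\nlog_level: info\n",
        "app/certs/server.key": b"-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n",
        "app/main.py": b"print('hello')\n",
    })
    manifest = json.dumps([{"Config": "cfg.json", "RepoTags": ["example/app:latest"],
                            "Layers": ["layer0/layer.tar", "layer1/layer.tar"]}]).encode()
    return _tar_bytes({"manifest.json": manifest, "cfg.json": b"{}",
                       "layer0/layer.tar": base_layer, "layer1/layer.tar": app_layer})


if __name__ == "__main__":
    for f in scan_image(build_sample_image()):
        print(f"{f['layer']}: {f['path']} -> {f['finding']}")
```

Run it against a real export with `scan_image(open("image.tar", "rb").read())`. Scanning every layer rather than only the final filesystem matters because a secret deleted in a later `RUN rm` step still sits in the earlier layer's tar.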
Folks it's 2024 and the new NIST draft for digital identity is asking you to STOP the madness of 30/90 days password resets and moving it from a recommendation → to a REQUIREMENT
Microsoft admins here's what you need to do:
→ Turn on risk based conditional access policy
→ Stop periodic password resets
= Reduced help desk calls + happy users
It's a win, win.
If you are not licensed for Entra ID P2 then you can still use the logs and trigger a workflow to get your users to change their password.
Thanks to @blackroomsec for the call out.
The high-risk vuln (CVE-2024-39717) was added to the CISA must-patch list over the weekend after Versa Networks confirmed zero-day exploitation @SecurityWeek
Black Lotus Labs links exploitation to Volt Typhoon APT and says ISPs and MSPs are downstream targets 👇👇
https://t.co/b6R0Qqop3k
Intel HW is too complex to be absolutely secure! After years of research we finally extracted Intel SGX Fuse Key0, AKA Root Provisioning Key. Together with FK1 or Root Sealing Key (also compromised), it represents Root of Trust for SGX. Here's the key from a genuine Intel CPU😀
MSRC fixed an RCE bug in the TCPIP module.
I found the bug several months ago.
Its score is 9.8 and exploitation is more likely. Please apply the patch immediately.
Iranian MuddyWater switching from RMM tools to custom implants. Also avoids using 'schtask.exe' directly to bypass detection, instead using the Scheduled Task class object. Via @sekoia_io https://t.co/zvfXKMT2QM ; indicators also in https://t.co/zRuayIP82j https://t.co/gaBxXeDyih
Our team at @Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this @PaloAltoNtwks advisory https://t.co/JZIOPnavnX
Setting pod cpu limits can limit performance without pod metrics showing 100% CPU because the limits are time based. This often presents itself during scale tests, and sometimes you're better off not setting them.
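A way to see the effect the post describes is to read the cgroup's quota and throttling counters rather than its utilisation. The following is an added example, not code from the post: it parses the cgroup v2 `cpu.max` and `cpu.stat` files a container sees under `/sys/fs/cgroup` and reports how often the CFS quota was hit. The file names and their fields are the kernel's; the sample values and the 25% alert threshold are constructed for this demonstration.

```python
"""Detect CFS quota throttling from a container's cgroup v2 cpu.max / cpu.stat.

Added example, not from the original post. Reads the two files the kernel
exposes for a cgroup v2 container (/sys/fs/cgroup/cpu.max and cpu.stat);
the sample texts below are constructed to show a pod that looks lightly
loaded yet is throttled in most scheduling periods.
"""


def parse_cpu_stat(text):
    """cpu.stat is 'key value' per line; values are integers (microseconds on v2)."""
    stat = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[1].lstrip("-").isdigit():
            stat[parts[0]] = int(parts[1])
    # cgroup v1 reports throttled_time in nanoseconds; normalise to microseconds
    if "throttled_usec" not in stat and "throttled_time" in stat:
        stat["throttled_usec"] = stat["throttled_time"] // 1000
    return stat


def parse_cpu_max(text):
    """cpu.max is '<quota_usec|max> <period_usec>'; 'max' means no CPU limit."""
    quota, period = text.split()
    return (None if quota == "max" else int(quota)), int(period)


def throttling_report(cpu_max_text, cpu_stat_text, throttle_alert=0.25):
    """Compare time-based quota hits against average usage.

    throttle_alert is our own threshold (fraction of periods throttled)
    above which the container is flagged, not a kernel or Kubernetes value.
    """
    quota, period = parse_cpu_max(cpu_max_text)
    stat = parse_cpu_stat(cpu_stat_text)
    periods = stat.get("nr_periods", 0)
    report = {
        "quota_cpus": None if quota is None else quota / period,
        "throttled_period_fraction": 0.0,
        "avg_cpus_used": None,       # usage averaged over wall time: what dashboards show
        "quota_utilization": None,   # usage as a fraction of the quota actually granted
        "throttled": False,
    }
    if quota is None or periods == 0:
        return report
    wall_usec = periods * period
    report["throttled_period_fraction"] = stat.get("nr_throttled", 0) / periods
    usage = stat.get("usage_usec")
    if usage is not None:
        report["avg_cpus_used"] = usage / wall_usec
        report["quota_utilization"] = usage / (periods * quota)
    report["throttled"] = report["throttled_period_fraction"] >= throttle_alert
    return report


# Constructed sample: a 500m limit (50 ms per 100 ms period) over 100 periods.
# Average usage is only 0.3 CPUs, yet 80 of 100 periods ran out of quota,
# which is the bursty pattern the post describes.
SAMPLE_CPU_MAX = "50000 100000\n"
SAMPLE_CPU_STAT = """usage_usec 3000000
user_usec 2600000
system_usec 400000
nr_periods 100
nr_throttled 80
throttled_usec 2400000
"""


if __name__ == "__main__":
    try:
        with open("/sys/fs/cgroup/cpu.max") as f_max, open("/sys/fs/cgroup/cpu.stat") as f_stat:
            print(throttling_report(f_max.read(), f_stat.read()))
    except OSError:
        print(throttling_report(SAMPLE_CPU_MAX, SAMPLE_CPU_STAT))
```

Inside a container the script reads the live files; elsewhere it falls back to the constructed sample. The useful signal is `throttled_period_fraction` next to `avg_cpus_used`: a low average with a high throttled fraction is exactly the case where a utilisation graph shows headroom while latency is being lost to the quota.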
This is your periodic reminder there's no such thing as a fractional engineer. If you're assigned 50% to this project & 50% to that, then someone is willing to accept 0 productivity from you in exchange for not telling someone up front that their project isn't being supported.
xz bd engineer 1: bro, we need a way to probe the address space to make sure we never SEGV sshd
xz bd engineer 2: we'll just do a pselect syscall with empty fd sets, a timeout of 1 nanosecond and the addr we want to probe is passed as the sigmask pointer, EFAULT means unmapped
The xz package tars were backdoored. Only discovered because the backdoor slowed down sshd enough for Andres Freund to investigate.
Consider the case where the backdoor didn't cause perf issues... How long would this have gone undetected?
https://t.co/qO05dVP7vU
hi all
weaveworks is winding down :-(
I wrote a statement here
Weaveworks is the best team I ever worked with and will have a longer impact than perhaps we expected at the start
https://t.co/0GGQ1s789K
SOAPHound is out for walkies!
SOAPHound is a #BloodHound collector to enumerate AD over SOAP instead of LDAP directly.
Proud of Nikos for all his hard work!
Blog: https://t.co/7cJVnFRUjD
Tool repo: https://t.co/0gt73qX9Bd
Detections:
https://t.co/PJ0P4iWsbE