We disrupted a highly sophisticated AI-led espionage campaign.
The attack targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We assess with high confidence that the threat actor was a Chinese state-sponsored group.
🔍 CVE-2024-21893 & CVE-2024-21887 - Ivanti Connect Secure is in the hot seat! 🚨 SSRF vulnerability opens doors to Remote Code Execution (RCE). 🚨
https://t.co/97IQ4RtFCz
#CVEAnalysis#IvantiConnectSecure#RCE#SSRF
🔍CVE-2023-44313 - Apache ServiceComb Service-Center SSRF Vulnerability Analysis! 🕵️♂️ Unveiling the details of this critical flaw that could compromise microservice security.
https://t.co/6ZsK0KQlSN
#CVEAnalysis#ApacheServiceComb#SSRF
I know a lot of excellent people are looking for jobs right now. We have several openings at @redcanary, including my peer, Senior Director of Detection Engineering, and a Threat Hunter on a team I lead. I hope you'll consider applying or sharing. https://t.co/7sLoewwJGr
Today i have released a new category within my blog-page named 'Bug bounty chronicles', on which i will post write-ups about interesting real life vulnerabilities. Feel free to read the first write-up!🤠 #AWS#cloudsecurity#BugBounty
https://t.co/gx7smknmKc
📢 In #FIRSTCTI22, @unixfreaxjp w/ LACERT teams will share the implementation of @FIRSTdotOrg#CTI Curriculum methods into their investigation of targeted #WebSkimming threat as takeaways for #BlueTeam
https://t.co/x3RuGQGtlI
Register soon, we value your time with good sharing!