For those that didn't get the reference - this is a reference to the web game pandemic in which the objective is to design a virus/bacteria/parasite to infect the entire world - Madagascar is the hardest country to…
I found this twitter post interesting - the dude did a writeup of how to use metasploit when both the attacker and the victim are behind nat and you are able to get code execution some how on the victim:…
Really the key thing to focus in here, IMO, is the fact that arbitrary USB hardware firmware can be overwritten - anything taking place after complete control of the USB hardware has already been exploited and well…
wow I did not know popping the collar dated back to the 80's.... I guess three 6 mafia was right with that song: "Now ever since I can remember I been poppin' my collar Poppin' poppin' my collar, poppin' poppin' my…
They probably had an "appliance" that if they chose to update manually would fall out of support terms and then would be stuck with an unsupported instance of a device they likely paid tens of thousands to the vendor…
> Things could have been worse If the attacker found a way to upgrade the privileges of the user running jboss (it’s a sudoer, but the password is really hard) NEVER GIVE THE USER YOUR APPLICATION SERVER RUNS UNDER SUDO…
For those that didn't get the reference - this is a reference to the web game pandemic in which the objective is to design a virus/bacteria/parasite to infect the entire world - Madagascar is the hardest country to…
I found this twitter post interesting - the dude did a writeup of how to use metasploit when both the attacker and the victim are behind nat and you are able to get code execution some how on the victim:…
Really the key thing to focus in here, IMO, is the fact that arbitrary USB hardware firmware can be overwritten - anything taking place after complete control of the USB hardware has already been exploited and well…
wow I did not know popping the collar dated back to the 80's.... I guess three 6 mafia was right with that song: "Now ever since I can remember I been poppin' my collar Poppin' poppin' my collar, poppin' poppin' my…
They probably had an "appliance" that if they chose to update manually would fall out of support terms and then would be stuck with an unsupported instance of a device they likely paid tens of thousands to the vendor…
> Things could have been worse If the attacker found a way to upgrade the privileges of the user running jboss (it’s a sudoer, but the password is really hard) NEVER GIVE THE USER YOUR APPLICATION SERVER RUNS UNDER SUDO…