Posts by Pearce Barry

June 21, 2022

Finding Microsoft VPN/PPTP with Rumble

Last month, researcher Alex Nichols at Nettitude reported a vulnerability in Microsoft’s Windows VPN software that could allow for remote code execution or local privilege escalation by an attacker. This vulnerability lies in a use-after-free condition that can occur in the …


June 7, 2022

A prize-winning community integration between Rumble and Microsoft Sentinel

Josh Lucas, a cybersecurity engineer at Loop Secure, recently took first place in Microsoft’s Sentinel Hackathon for his submission, “Rumble Network Discovery solution for Microsoft Sentinel.” For his project, Josh was looking for a way to better enable security teams during …


June 3, 2022

Finding Confluence servers (again) with Rumble

Last updated on June 3, 2022 at 06:00 CDT (-0600). An actively exploited zero-day has surfaced in popular wiki software Confluence. Deemed “critical” in severity, this vulnerability affects all supported versions of Confluence Server and Confluence Data Center, and also …


May 5, 2022

Finding F5 BIG-IP instances

Technology vendor F5 recently published information on over 40 vulnerabilities, mostly affecting their BIG-IP line of products. While these vulnerabilities include a mix of types and severities, a particular authentication bypass vulnerability that can affect all BIG-IP …


April 29, 2022

Finding Netatalk instances

A critical vulnerability in the Netatalk open source file server software was found in some popular network-attached storage (NAS) devices. Netatalk provides services for the deprecated AFP (Apple Filing Protocol, formerly known as AppleTalk Filing Protocol), and runs on a …


March 30, 2022

Finding Kaspersky AV on your Windows endpoints

Late last week, the U.S. Federal Communications Commission announced it had added Russian-based Kaspersky Lab to its Covered List, maintained by the FCC to identify “entities that pose an unacceptable risk to U.S. national security.” This follows a 2017 action by the U.S. …


March 15, 2022

Finding Veeam Backup & Replication instances

Veeam recently published information on two vulnerabilities in the Veeam Backup & Replication product, originally reported by Nikita Petrov of Positive Technologies. Which versions are affected? These vulnerabilities affect Backup & Replication versions 9.5, 10, and …


March 9, 2022

Finding APC assets vulnerable to TLStorm

Researchers at Armis recently published details on three new vulnerabilities affecting cloud-connected APC Smart-UPS devices manufactured by Schneider Electric. Dubbed “TLStorm”, two of these vulnerabilities exist in the firmware TLS implementation, while …


February 28, 2022

Finding GitLab instances

The development team at GitLab issued a new critical security release that patches seven recently-disclosed vulnerabilities in GitLab software. Reported by customers, security researchers, and GitLab team members, these vulnerabilities are located in various components of …


February 18, 2022

Finding Zabbix instances

Popular monitoring tool Zabbix surfaced in security news this week due to two newly disclosed vulnerabilities. Discovered by researchers at SonarSource, successful exploitation of vulnerable Zabbix Frontend targets could allow authentication bypass, configuration changes, …
