Channel address:
Categories:
Technologies ,
Blogs
Language: English
Subscribers:
1.79K
Description from channel
Vulnerability assessment, IT compliance management, security automation and other beautiful stuff. Discussion group for this channel: @avleonovchat. PM me @leonov_av
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
0
3 stars
1
2 stars
0
1 stars
1
The latest Messages 14
2021-07-02 03:31:17
I often get mad that once a vulnerability is posted, no one changes its description, even if a serious mistake is found. And for MITRE / NVD this is indeed the case. But Microsoft sometimes corrects the vulnerability description. Therefore, CVE-2021-1675 "PrintNightmare" is now marked as RCE on the MS site. Respect!
26 views00:31
2021-06-30 22:44:44
#PrintNightmare CVE-2021-1675 "Since the patch is currently not effective against the vulnerability, the most effective mitigation strategy is to disable the print spooler service itself."
360 views19:44
2021-06-28 14:31:34
Hello, today I want to experiment with a new format. I will be reading last week’s news from my @avleonovnews channel, which I found the most interesting. I do this mostly for myself, but if you like it too, then that would be great.
Video:
Text version: https://avleonov.com/2021/06/28/last-weeks-security-news-cisco-asa-big-iq-vsphere-solaris-dlink-iphone-s-darkradiation-google-schema-john-mcafee/
356 views11:31
2021-06-24 02:11:33
How badass you were, John. Not life, but a blockbuster. It's very sad, indeed.
201 views23:11
2021-06-15 12:03:30
Today I will talk about the Positive Hack Days conference, which took place on May 20 and May 21 in Moscow. I can say that this was and remains the main event for Information Security Practitioners in Russia.
Video:
Text version: https://avleonov.com/2021/06/15/phdays-10-u-s-sanctions-my-talk-on-vulristics-other-great-talks-related-to-vm/
304 views09:03
2021-06-09 03:49:35
I will not describe all the features of Microsoft Intune here. Simply because at this stage they are not very interesting to me. The task I needed to solve was how to get the timestamp of the last activity for all hosts in Microsoft Intune using the official API.
Video:
Text version: https://avleonov.com/2021/06/09/getting-hosts-from-microsoft-intune-mdm-using-python/
123 views00:49
2021-06-01 08:15:42
Metasploit Wrap-Up#Rapid7Blog
"## RCE Exploit For CVE-2020-0796 (SMBGhost)
This week our very own Spencer McIntyre has added an exploit for CVE-2020-0796, which leverages a vulnerability within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol to gain unauthenticated remote code execution against unpatched Windows 10 v1903 and v1909 systems. Previously, Metasploit offered an LPE version of this exploit but not RCE support. The exploit is heavily based on the chompie1337/SMBGhost_RCE_PoC PoC.
Note that there is a high probability that, even when the exploit is successful, the remote target will crash within about 90..."
https://blog.rapid7.com/2021/05/28/metasploit-wrap-up-113/
152 views05:15
2021-06-01 08:15:07
More than a year has passed, and finally we got the SMBGhost RCE exploit just in Metasploit. By the way, it seems to me that there is a big problem that after the initial prioritization, no one monitors what happens with vulnerabilities further. Well, unless it's highlighted by the mainstream media.
Upd. SMBGhost was firstly mentioned in March 2020 MS Patch Tuesday review
222 viewsedited 05:15
2021-05-28 11:23:32
Yes, I completely agree with the results of this survey. This is why this is the main slide in my latest presentation about Vulnerability Prioritization.
242 views08:23
2021-05-21 11:17:08
I arrived at the building and listen to Ilya Zuev about vulnerability scanning in Rambler. I'm next at 12:00 MSK. #phdays10 #studio2
You can watch it here: https://standoff365.com/phdays10/
97 views08:17