Search the Community
Showing results for tags 'vpn'.
Found 2 results
Two researchers have a talk upcoming at DefCon about SSL VPN vulnerabilities, and they've started (although not in the talk) by detailing a unauthenticated remote code execution vulnerability in Palo-Alto GlobalProtect, their VPN system: http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html The short version is: - Bad vulnerability - Actually exploitable - Because it's on both your VPN and firewall box (Palo-Alto do both), the attacker owns your network via the internet - They released a patch for the issue a year ago, but didn't issue a CVE or tell people about the issues for whatever reason - so you want to check if you actually run a vulnerable version still. Vendor advisory here after I tweeted about it: https://securityadvisories.paloaltonetworks.com/Home/Detail/158
Hello OSINT fam 💜 What’s the most valuable advice you’ve received regarding separation of investigations? Mine was: 1. Create a new virtual machine for every investigation (also shared within IntelTechniques’ How To videos) 2. Use VPNs 3. Don’t overuse the same alias, and in some situations use new ones per engagement Cheers