New DELMIA bugs disclosed after another was exploited in early Sep

campuscodi@mastodon.social

"Both findings chain together: the unauth account creation gives an attacker credentials, and those credentials are then used to authenticate and abuse the file upload to drop a web shell."

Remote Code Execution in DELMIA Apriso — ProjectDiscovery Blog

Introduction DELMIA Apriso is a manufacturing execution and operations orchestration platform used by large manufacturers, service providers, and critical infrastructure operators. Because the product exposes multiple integration points (SOAP, file uploads, provisioning feeds) that are often reachable from internal networks, we performed a focused black-box assessment to surface integration and surface-area weaknesses. Our testing uncovered two chained, high-impact issues: an unauthenticated S

ProjectDiscovery (projectdiscovery.io)

Citiverse

Navigazione

Account

Navigazione

Account

New DELMIA bugs disclosed after another was exploited in early Sep

Remote Code Execution in DELMIA Apriso — ProjectDiscovery Blog

E' normale che a un certo punto l'io narrante si spenga.

You can always count on the crypto community for a good laugh

Giovedì 25 settembre alle 21 sarò al Civico Planetario di Milano con lo spettacolo "Pianeti Mancanti - Ci sono ancora mondi da scoprire nel Sistema Solare?".

Sophos says one of its employees got phished in March but the breach was limited and contained

#Biani #MauroBiani #Politica #Covid #GovernoMeloni

AttackIQ has published a report on the evolution of the RomCom malware, covering up to v5 of the tool, which others also call SnipBot and SingleCamper.

Qualcuno usa DeltaChat ?

Dal 3 Novembre LinkedIn utilizzerà i dati degli utenti per addestrare l’intelligenza artificiale.