はてなブックマーク

Products and ToolsInitial Metasploit Exploit Module for BlueKeep (CVE-2019-0708) Today, Metasploit is releasing an initial public exploit module for CVE-2019-0708, also known as BlueKeep, as a pull request on Metasploit Framework. The initial PR of the exploit module targets 64-bit versions of Windows 7 and Windows 2008 R2. The module builds on proof-of-concept code from Metasploit contributor @ze

InsightCloudSec empowers teams to proactively manage risk, accelerate DevSecOps, and enforce compliance across multi-cloud environments.

Last updated at Thu, 30 Nov 2017 14:54:31 GMT Deception lures are all of the rage these days, and when deployed properly, are extremely low overhead to maintain and trigger little to no false alarms. Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data stores as early warning indications of a breach. Using AWS IAM access keys, we can create nearly limitles

Last updated at Mon, 26 Oct 2020 18:58:40 GMT Go offers a simple way to build command-line tools using only standard libraries. So I put together a step-by-step example to help walk you through the process. To write a Go program, you’ll need Go setup up on your computer. If you’re not familiar with Go and want to spend a little extra time learning, you can take the Go tour to get started! In this

Last updated at Fri, 01 Dec 2017 20:48:24 GMT Here at Komand, we needed a way to easily navigate around our workflows. They have the potential to get complex quickly, as security workflows involve many intricate steps. To accomplish this task, we took an SVG approach to render our workflow dynamically (without dealing with div positioning issues). This gave us the power of traditional graphics to

Products and ToolsKeepalived and HAProxy in AWS: An Exploratory Guide We’re going to explore high availability and load balancing using Keepalived and HAProxy. Keepalived is a routing software designed to provide simple and robust facilities for load balancing and high-availability to Linux systems and Linux-based infrastructures. HAProxy is an open source load balancer/reverse proxy generally use

Last updated at Fri, 03 Nov 2017 20:14:47 GMT Containerization and micro-services are changing how development and operations teams design, build and monitor systems. Containerization of environments regularly results in systems with large numbers of dynamic and ephemeral instances that autoscale to meet demands on system load. In fact, it’s not uncommon to see thousands of container instances, wh

Last updated at Fri, 03 Nov 2017 20:17:09 GMT Over the past year I reckon I have spoken to more than a thousand Developers/IT Os/DevOps folk through customer calls, demos of Logentries, at conferences such as Velocity, DevOpsDays, AWS re:Invent as well as a bunch of other more low key meetups across US and Europe. Naturally, one of the first questions I tend to ask is: “hey what do you use for log

A powerful vulnerability management solution providing comprehensive asset visibility across your environment, while also aiding in the prioritization and remediation of risks.

New Metasploit 0-day exploit for IE 7, 8 & 9 on Windows XP, Vista, and 7 Last updated at Tue, 25 Jul 2017 13:10:10 GMT We have some Metasploit freshness for you today: A new zero-day exploit for Internet Explorer 7, 8, and 9 on Windows XP, Vista and 7. Computers can get compromised simply by visiting a malicious website, which gives the attacker the same privileges as the current user. Since Micro