Hey Mastodon, question for my #sysadmin and #DevOps types. Has anyone used #Pester and #PSScriptAnalyzer to set up unit testing for test driven development, particularly on (relatively) simple #PowerShell scripts like you might use for application detection, installation, and uninstallation from a system like #SCCM #Intune or #ManageEngine ?

Apologies for the buzzword bingo, but I’m trying to reach folks who may be following the hashtags, but not necessarily have a connection otherwise.

Are Password Managers Safe to Use? (Benefits, Risks & Best Practices) – Source: www.techrepublic.com https://ciso2ciso.com/are-password-managers-safe-to-use-benefits-risks-best-practices-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #SecurityonTechRepublic #NortonPasswordManager #SecurityTechRepublic #CyberSecurityNews #passwordmanager #CloudSecurity #ManageEngine #1Password #Bitwarden #Dashlane #Security #Keeper

Webinar: ManageEngine Log360 product demo https://www.helpnetsecurity.com/2024/10/08/webinar-manageengine-log360-product-demo/ #Whitepapersandwebinars #ManageEngine #Don'tmiss #News

ManageEngine Analytics Plus 6.0 identifies key inefficiencies in IT operations https://www.helpnetsecurity.com/2024/09/25/manageengine-analytics-plus-6-0/ #Industrynews #ManageEngine

#BSI WID-SEC-2024-2054: [NEU] [hoch] #Zoho #ManageEngine #Endpoint #Central: Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen und Offenlegung von Informationen

Ein entfernter, authentifizierter Angreifer kann eine Schwachstelle in Zoho ManageEngine Endpoint Central ausnutzen, um vertrauliche Informationen offenzulegen und Sicherheitsvorkehrungen zu umgehen, um so einen Ransomware-Angriff durchzuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2054

Vulnerabilidad crítica en #OpManager de #ManageEngine permite a los #hackers realizar ataques de ejecución remota de código #RCE
https://blogs.masterhacks.net/noticias/hacking-y-ciberdelitos/vulnerabilidad-critica-en-opmanager-de-manageengine-permite-la-ejecucion-remota-de-codigo/

#BSI WID-SEC-2024-1915: [NEU] [niedrig] #Zoho #ManageEngine #ServiceDesk #Plus: Schwachstelle ermöglicht Cross-Site Scripting

Ein Angreifer kann eine Schwachstelle in Zoho ManageEngine ServiceDesk Plus ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1915

#ManageEngine #ADAudit - Reverse engineering #Windows #RPC to find CVEs

https://www.shelltrail.com/research/manageengine-adaudit-reverse-engineering-windows-rpc-to-find-cve-2024-36036-and-cve-2024-36037-part1/

https://www.shelltrail.com/research/manageengine-adaudit-reverse-engineering-windows-rpc-to-find-cve-2024-36036-and-cve-2024-36037-part2/

https://www.shelltrail.com/research/manageengine-adaudit-reverse-engineering-windows-rpc-to-find-cve-2024-36036-and-cve-2024-36037-part3/

ManageEngine unveils passwordless, phishing-resistant FIDO2 authentication https://www.helpnetsecurity.com/2024/06/04/manageengine-fido2-authentication/ #Industrynews #ManageEngine

Infosec products of the month: May 2024 https://www.helpnetsecurity.com/2024/06/03/infosec-products-of-the-month-may-2024/ #SecureCodeWarrior #AbnormalSecurity #AdaptiveShield #Cybersixgill #ManageEngine #SentinelOne #StrikeGraph #AuditBoard #Forcepoint #Proofpoint #Truecaller #Detectify #Eclypsium #SumoLogic #CyberArk #Dashlane #ExtraHop #OneTrust #PlexTrac #Synopsys #Appdome #Cranium #Datadog #FireMon #Trellix #Splunk #Calix #OWASP #News #Snyk

New infosec products of the week: May 17, 2024 https://www.helpnetsecurity.com/2024/05/17/new-infosec-products-of-the-week-may-17-2024/ #ManageEngine #FireMon #Calix #OWASP #News

ManageEngine SaaS Manager Plus simplifies access management https://www.helpnetsecurity.com/2024/05/15/manageengine-saas-manager-plus/ #Industrynews #ManageEngine

" Lazarus Group Unleashes CollectionRAT in Sophisticated Campaigns "

Lazarus Group, a North Korean state-sponsored actor, has been utilizing infrastructure reuse to launch sophisticated cyber attacks. Their latest campaign exploits CVE-2022-47966, a vulnerability in ManageEngine ServiceDesk, to deploy multiple threats including a new malware, CollectionRAT. This RAT showcases capabilities such as executing arbitrary commands and managing files on infected systems. Intriguingly, Lazarus Group is increasingly leveraging open-source tools like the DeimosC2 framework, marking a strategic shift in their attack methodologies. CollectionRAT, along with other tools like the malicious PuTTY Link (Plink), indicates a refined approach in their cyber warfare tactics.

Details: Cisco Talos Blog

Authors: Asheer Malhotra, Vitor Ventura, Jungsoo An

Tags: #Cybersecurity #LazarusGroup #APT #CollectionRAT #DeimosC2 #CVE202247966 #ManageEngine #Plink #NorthKorea #StateSponsoredCyberAttacks

Mitre - Lazarus Group

#Lazarus #APT exploits #Zoho #ManageEngine flaw to target an #Internet backbone infrastructure provider
https://securityaffairs.com/149829/apt/lazarus-apt-exploits-zoho-manageengine-flaw.html
#securityaffairs #hacking

Pulling SYSTEM out of #Windows GINA — #Authentication #Bypass to SYSTEM shell in #ManageEngine #ADSelfService Plus Windows GINA Client

// by @pedrib1337@twitter.com

https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/adselfpwnplus/adselfpwnplus.md

Kritische #Schwachstellen in #VMware CBAC & Zoho #ManageEngine, #Cyberangriffe auf Dole, Bayrischer Rundfunk, Feuerwehr Hamburg, sowie Landratsamt Böblingen und #EU Kommission setzt #TikTok auf Firmengeräten aus – das sind die #Hacker #News der Woche.

https://www.lastbreach.de/blog/die-weekly-hacker-news-230224

Hackers are actively exploiting CVE-2022-47966 flaw in #Zoho #ManageEngine
https://securityaffairs.com/142635/hacking/zoho-manageengine-attacks.html
#securityaffairs #hacking #cybercrime

Hi all! I wrote a #python scanner for #CVE-2022-47966, a critical unauthenticated remote code execution (RCE) vulnerability affecting at least 24 #ManageEngine products (all on-premise). CVE-2022-47966 is being exploited in the wild, so patching is a must. The scanner currently supports about 10 of the affected products and is available here: https://github.com/vonahisec/CVE-2022-47966-Scan/blob/main/README.md
#redteam #blueteam #vulnerability #scanner #pentesting

#CISA added #Zoho #ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog
https://securityaffairs.com/141248/security/zoho-manageengine-2022-47966-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking

I just posted our #Rapid7 technical analysis of the recent vulnerability in #ManageEngine - CVE-2022-47966 (#cve202247966 / #CVE_2022_47966. Big thanks to @catc0n and my new co-worker @stephenfewer@twitter.com for their help on this one! I can see I have a lot to learn from Stephen :)

https://attackerkb.com/topics/gvs0Gv8BID/cve-2022-47966/rapid7-analysis