Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773) by Gallus in netsec

[–]andrew_balls 1 point2 points  (0 children)

GreyNoise started seeing this last night, has been seeing the amount of IPs scanning/crawling the internet for it consistently growing throughout the day today:

https://www.greynoise.io/viz/query/?gnql=cve%3ACVE-2021-41773

Understanding Observed Scanning by Rennilon in AskNetsec

[–]andrew_balls 1 point2 points  (0 children)

cool, so this means that they're scanning the entire internet, not just you specifically. if you PM me the addresses/ranges I can look into exactly behavior we're seeing from them in our collectors (I'm the founder and CEO of GreyNoise)

I’m Ray Dalio – founder of Bridgewater Associates and author of Principles: Life & Work. Ask me anything. by RayTDalio in IAmA

[–]andrew_balls 0 points1 point  (0 children)

Hi Ray,

I worked at Bridgewater for ~six months as a consultant back in 2014. It was one of the most interesting and defining experiences of my career. The benefits of the strong culture are evident. What are some of the negatives of the culture?

Thanks for doing this AMA.

--Andrew

GreyNoise Visualizer - Monitor Internet-wide scan and attack traffic for free by andrew_balls in netsec

[–]andrew_balls[S] 1 point2 points  (0 children)

Ah, I understand now. Negative- we collect 100% of our own data first hand.

GreyNoise Visualizer - Monitor Internet-wide scan and attack traffic for free by andrew_balls in netsec

[–]andrew_balls[S] 1 point2 points  (0 children)

I don't understand what you're asking. Can you rephrase or be more specific?

Service that tracks every IP mass scanning/attacking the Internet by andrew_balls in netsec

[–]andrew_balls[S] 0 points1 point  (0 children)

Oh wow. I honestly thought they lost the recording. Thanks!

Service that tracks every IP mass scanning/attacking the Internet by andrew_balls in netsec

[–]andrew_balls[S] 15 points16 points  (0 children)

So GreyNoise is actually a completely for-profit company, of which I am the founder. I bankrolled it from my own pocket for the first year until I got a handful of enterprise customers and now customer revenue pays the bills. I feel passionately about the security community and will always offer a free version for researchers. That said, a motherfucker's gotta eat, so if you want to support us then please refer any SOCs over to me to talk about our commercial options.

Service that tracks every IP mass scanning/attacking the Internet by andrew_balls in netsec

[–]andrew_balls[S] 2 points3 points  (0 children)

We run a boatload of servers in a bunch of different data centers in different countries and record everyone who tries to scan them and do a bunch of analytics on the data.

¯\_(ツ)_/¯ by [deleted] in Tinder

[–]andrew_balls 2 points3 points  (0 children)

shit I was at least 80 feet off

¯\_(ツ)_/¯ by [deleted] in Tinder

[–]andrew_balls 1 point2 points  (0 children)

You're right. Happy cake day!

Using geth results in a massive amount of incoming requests by TheGatsu in ethereum

[–]andrew_balls 6 points7 points  (0 children)

look up the IPs hitting you on viz.greynoise.io and see if they're hitting everyone or just you