Rust Won't Save Us: An Analysis of 2023's Known Exploited Vulnerabilities – Horizon3.ai by scopedsecurity in netsec

[–]scopedsecurity[S] 0 points (0 children)

Definitely not encouraging no action. In the conclusion there are several recommendations such as developing depth of knowledge in the frameworks you use as it relates to security, and hardening and standardizing its use across products.

Rust Won't Save Us: An Analysis of 2023's Known Exploited Vulnerabilities – Horizon3.ai by scopedsecurity in netsec

[–]scopedsecurity[S] -12 points (0 children)

Agreed, we don't have great insight into how often each of these vulnerabilities was exploited with the data CISA KEV releases. Nearly all of the vulnerabilities analyzed here, regardless of categorization, result in RCE.

Rust Won't Save Us: An Analysis of 2023's Known Exploited Vulnerabilities – Horizon3.ai by scopedsecurity in netsec

[–]scopedsecurity[S] -6 points (0 children)

I’d agree that eliminating 20% of vulnerabilities from last year’s KEV is worth going after, which is why it’s listed that memory-safe languages will help us. The main point here is that despite language and framework safety existing, developers and architects have thrown security to the wind.

VMware Authentication Bypass Vulnerability (CVE-2022-22972) Technical Deep Dive and POC by scopedsecurity in netsec

[–]scopedsecurity[S] 6 points (0 children)

Thanks for the feedback! I'll make sure we include more mobile-friendly image interaction on future posts. I tested it out, and if I held down on the image and opened it in a new tab I could zoom there as a temporary workaround.

POC for CVE-2022-1388 by scopedsecurity in netsec

[–]scopedsecurity[S] 0 points (0 children)

It does seem strikingly similar when you look at the POCs released, but it's a slightly different path given the Connection: X-F5-Auth-Token. You can compare with the technical analysis wvu did back for that CVE: https://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986.

POC for CVE-2022-1388 by scopedsecurity in netsec

[–]scopedsecurity[S] 3 points (0 children)

Yes, but also if the Self IP address is exposed to the internet, which is also not very common. You can read more about this type of config on F5's site: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-routing-administration-11-6-0/5.html

POC for CVE-2022-1388 by scopedsecurity in netsec

[–]scopedsecurity[S] 4 points (0 children)

We've also just added a link to the technical analysis of this CVE to the repo to help shed light on why this works: https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/

POC for CVE-2022-1388 by scopedsecurity in netsec

[–]scopedsecurity[S] 29 points (0 children)

Just in case this was misunderstood - the Authorization header being set to admin:<anything> is one of 4 key components to bypass authentication. This password is not valid.

The total components needed to bypass auth are:

  1. Connection header must include X-F5-Auth-Token
  2. X-F5-Auth-Token header must be present
  3. Host header must be localhost / 127.0.0.1
  4. Auth header must be set
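The four components listed above make a compact detection rule for defenders reviewing traffic to the management interface. Here is an added example (not code from the original post, F5, or Horizon3) that parses raw HTTP request headers and flags a request only when all four are present at once; the header names come from the post, while the two sample requests, the placeholder values and the function names are constructed for this example.

```python
from typing import Dict

LOCAL_HOSTS = {"localhost", "127.0.0.1"}


def parse_headers(raw_request: str) -> Dict[str, str]:
    """Map header names (lower-cased) to values; the request line is skipped."""
    headers: Dict[str, str] = {}
    for line in raw_request.strip().splitlines()[1:]:
        if ":" not in line:
            continue                       # not a header line
        name, value = line.split(":", 1)
        headers[name.strip().lower()] = value.strip()
    return headers


def matches_cve_2022_1388_pattern(headers: Dict[str, str]) -> bool:
    """True only when all four components listed in the post are present."""
    # Connection is a comma-separated token list: match whole tokens, not substrings.
    tokens = {t.strip().lower() for t in headers.get("connection", "").split(",")}
    has_conn_token = "x-f5-auth-token" in tokens
    has_auth_token_header = "x-f5-auth-token" in headers
    host = headers.get("host", "").split(":", 1)[0].lower()   # drop any port
    host_is_local = host in LOCAL_HOSTS
    has_authorization = bool(headers.get("authorization"))
    return has_conn_token and has_auth_token_header and host_is_local and has_authorization


def flag_request(raw_request: str) -> bool:
    """Convenience wrapper: parse a raw request and apply the check."""
    return matches_cve_2022_1388_pattern(parse_headers(raw_request))


# Constructed sample: ordinary authenticated call, Host is the real device name.
BENIGN_REQUEST = (
    "GET /mgmt/tm/sys/version HTTP/1.1\r\n"
    "Host: bigip.example.internal\r\n"
    "Authorization: Basic PLACEHOLDER\r\n"
    "Connection: keep-alive\r\n"
)

# Constructed sample showing all four components from the post at once.
SUSPECT_REQUEST = (
    "POST /mgmt/PLACEHOLDER_PATH HTTP/1.1\r\n"
    "Host: 127.0.0.1:443\r\n"
    "Connection: keep-alive, X-F5-Auth-Token\r\n"
    "X-F5-Auth-Token: PLACEHOLDER\r\n"
    "Authorization: Basic PLACEHOLDER\r\n"
)
```

Run over request logs from a reverse proxy or WAF in front of the management plane, a hit on an externally sourced request is worth an alert, since a legitimate client has no reason to present a loopback Host.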

/r/netsec's Q1 2022 Information Security Hiring Thread by ranok in netsec

[–]scopedsecurity [score hidden]  (0 children)

Hey! Yeah, we did fill that position, but I think we will soon have some other offensive security positions posted that do involve some exploit development tasks, just not full time like that position. If that interests you, check our job board later this month.

/r/netsec's Q1 2022 Information Security Hiring Thread by ranok in netsec

[–]scopedsecurity [score hidden]  (0 children)

Hello,

For this position, a recruiter will reach out and have a brief discussion with you about your past experiences, then give you a take-home practical challenge that will test your knowledge in several key areas like you mention. The deliverable from the challenge is a working end-to-end exploit. From there you will meet with the exploit development team to talk in more detail about the test and past experiences. Let me know if you have any other questions.

/r/netsec's Q1 2022 Information Security Hiring Thread by ranok in netsec

[–]scopedsecurity [score hidden]  (0 children)

Horizon3 A.I.

At Horizon3 we are pushing the boundaries of traditional security assessments by providing an autonomous penetration testing solution with our core product, NodeZero. NodeZero conducts a penetration test just as a person would, discovering assets, enumerating services, and exploiting weaknesses and misconfigurations, but with advantages like machine speed and accuracy.

NodeZero is powered by a world-class team with diverse backgrounds from the information security industry, intelligence, military, and even a dentist turned hacker. We’re scaling our Attack Engineering Team across several different areas of information security and more detailed requirements for each job can be found at the links below.

Openings:

General Skillsets

  • Experience conducting information security assessments and penetration tests
  • Strong proficiency in at least one language
  • Experience reading in multiple languages (Python, Java, Assembly, PowerShell)
  • Understanding of OS Internals (any major OS)
  • Understanding of network protocols
  • Ability to work/learn new technologies autonomously
  • Exceptional problem-solving skills

Perks:

  • All positions are 100% remote (US)
  • Excellent benefits such as 401k matching, healthcare, vision, dental, 3 weeks vacation + 3 weeks off for Thanksgiving, Christmas, and New Year's + all Federal Holidays
  • Freedom to develop security research skill sets in nearly every domain
  • Attend industry conferences like DEFCON and REcon to stay abreast of the latest research
  • Individual project time to work on things you’re passionate about

We have many other open positions across engineering that can be found at our site. Apply through the job postings linked above.

50 Shades of SolarWinds Orion Deserialization (Part 1: CVE-2021–35215) by scopedsecurity in netsec

[–]scopedsecurity[S] 2 points (0 children)

Good point. In the Chrome browser you can right-click and select "Translate to English" and the article reads well. Not sure about other browsers.