🏜️ We're live at #GISEC2024 in Dubai, UAE!

Join PT SWARM for a master class on soldering your smart 🥤 opener or enjoy our ATM hacking contest! 📠

Catch us until April 25 at 5 PM! 🇦🇪

🏭 We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!

A brief instruction for red teams:

1. Compile our enhanced DLL 👉 gist.github.com/Homer28/7f3559…
2. Use NetSPI's ruler and wait!

No back connect required!

🔥 📐📏

🚀 We're excited to unveil a new tool developed by our researcher: APKd. Now, you can effortlessly download APKs from AppGallery, APKPure, and RuStore directly from the terminal!

Check it out here: github.com/kiber-io/apkd

📱 New article by our researcher Andrey Pesnyak: 'Android Jetpack Navigation: Deep Links Handling Exploitation'

Read about a flaw that allows an attacker to launch any fragments in a navigation graph associated with an exported activity.

swarm.ptsecurity.com/android-jetpac…

🎁 Source Code Disclosure in IIS 10.0! Almost.

There is a method to reveal the source code of some .NET apps. Here's how it works.

👉 swarm.ptsecurity.com/source-code-di…

📖 New article by our researcher Nikita Sveshnikov: 'Bypassing browser tracking protection for CORS misconfiguration abuse.'

Read the blog post to learn how certain misconfigurations can be exploited despite the built-in anti-tracking mechanisms.

swarm.ptsecurity.com/bypassing-brow…

💥 We have reproduced CVE-2023-22527 in Atlassian Confluence.

A template injection vulnerability allows an unauthenticated attacker to achieve RCE on an affected instance.

Update your software ASAP!

🖥 Yealink fixed a post-auth OS command injection in Yealink Meeting Server found by our researcher.

MITRE we are still waiting for a CVE assignment.

Read the advisory: yealink.com/en/trust-cente…

New article by our researcher sn🥶vvcr💥sh: 'Python ❤️ SSPI: Teaching #Impacket to Respect Windows SSO'.

🥷 Read the blog post and you'll fly under the radar of endpoint security mechanisms as well as custom network detection rules more easily.

swarm.ptsecurity.com/python-sspi-te…

🌵 Cacti fixed 2 high severity vulnerabilities found by our researcher Aleksey Solovev.

💥 CVE-2023-49084 – RCE via managing links;
💥 CVE-2023-49085 – SQLi via managing poller devices.

Read the technical advisories here ↓
github.com/Cacti/cacti/se…

⚠️ We have reproduced CVE-2023-22515 in Atlassian Confluence.

Broken access control allows unauthenticated users to gain administrative access to the web application!

Update your software ASAP!

💥 We have reproduced both CVE-2023–29357 and CVE-2023–24955 in Microsoft SharePoint.

The chain allows unauthenticated users to execute arbitrary commands on the server.

Update your software ASAP!

🔥 We have reproduced the fresh CVE-2023-42793 in JetBrains TeamCity.

Authentication bypass allows an external attacker to gain administrative access to the server and execute any commands on it.

Update your software ASAP!

🍃 Are you stuck on authorization bypass in a Spring app?

This tip can be helpful to you!

💰 New article by our researcher Andrey Bachurin: 'Binance Smart Chain Token Bridge Hack'

The article explains the technical details of one of the largest cryptocurrency hacks ever.

Read the blog post: swarm.ptsecurity.com/binance-smart-…

🧙‍♂️ CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read.

How does it work? See here 👇

💬 New article by our researcher Aleksey Solovev: 'MyBB <= 1.8.31: Remote Code Execution Chain'.

🐞 Abusing Nested Parsers Conditions for getting XSS
🐞 From Privileged SQL Injection to RCE

Read the article: swarm.ptsecurity.com/mybb-1-8-31-re…

✅ A simple way to merge manifests for an Android app.