![]() The type of websites that literally just have information about the company on there, they might have a contact form (input fields) but no other real interactive features, no i. Hi all,Just after peoples opinions on pentesting basic brochure type websites. Pentesting a basic brochure type website Security.Snap! - Astronaut Training, Beaming Energy, VR Controlled Bots, True Game Over Spiceworks Originalsįlashback: Back on November 11, 1675, German mathematician Gottfried Wilhelm Leibniz demonstrates integral calculus for the first time (Read more HERE.).Maybe your links are being put out there. Don't reuse the same numbers, and require a password to enter aĬollaboration tool, run the IP through Alienvault OTX and see if maybe.just If you are a ZOOM user, use random meeting ![]() Password or logon is required for anyone you are sending files too. The list of passive URLs makes that an even bigger threat, since it is a Getting into other people's ZOOM meetings by randomly entering numbers in the Of "Zoom bombing", it is like photo bombing but with ZOOM. The troubling thing is there has been a rash Instead of document links, they are the meeting IDs. Sure enough all of the "passive URLs" are listed there, but Working from home, I found myself looking into another IP, it turned out to be The end user to set strong enough security. They are right in the sense that it was a failure of I brought this to the attention of AlienvaultĪnd they said they were not in the position to police the internet, and are Get ahold of it.that is just not the case. People think if they send a document link out in an encrypted email, no one can When the user clicked the link it could have made it on the OTX list. You see even if that link was sent in an encrypted email, Possible they have sensors in the backbone of the internet somewhere. It could be that any links clicked in anĪlienvault environment are captured, but AV is owned by AT&T so it is I am not sure whereĪlienvault is getting their data. Many of the links were not password protected and required no authentication.Īny Alienvault OTX user can see these links. Or HTTPS link, the full text was there, plain as day. ![]() Since the IP address was Sharefile, it was showing all the document sharing It showed many URLs that linked to that IP address. I ran the IP through the Alienvault Open Threat Exchange (OTX),Īnd found that the IP was Sharefile. OTX is a free service anyone can sign up for.ĭangerous bit of information being shared.ĭigging into a potentially malicious event. To rapidly correlate events and threat intelligence. I use their products, and really like the ability I would like to start this post by saying I amĪ huge fan of Alienvault OTX.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |