November 30, 2022

Not the onion.

#secops is undoubtedly challenging, but our analysis of detection policies/rules vs the usefulness of alerts suggests many organizations are making it even harder on themselves. Full study: https://www.securonix.com/resources/quantifying-siem-effectiveness/

Recently, I was developing RCE exploits for Xiongmai NVR/IPC. I was focused on 7 vulnerabilities published between 2017 and 2022 (a couple of which had no CVE). Based on my research, I put together a write-up explaining why Xiongmai devices are interesting, shared thoughts on exploit dev, and shared some caught-in-the-wild exploitation.
