@patriceauffret.bsky.social
ONYPHE founder, CEO and CTO - FreeBSD & Perl sculptor rather than GNU/Linux & Python - My views are those of my employer
Perl
11.11.2025 08:06 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
RustScan est un outil de scan de ports รฉcrit en Rust. Il mise tout sur la rapiditรฉ et se veut scanner l'ensemble des ports d'une machine en quelques secondes โฌ๏ธ
github.com/bee-san/Rust...
Cc @onyphe.io
03.06.2025 06:02 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
A chart showing Internet scan data plots for three countries; Spain, Portugal and France. The three lines are stable, with minor variations from 09:00 to 12:30. At 12:30 the lines for Spain and Portugal drop almost vertically to roughly 50% of their original levels. The line for France continues as for the start of the day. The lines for Spain and Portugal have not returned to their original levels.
The electrical power outage in Spain and Portugal as seen from the Internet (France included for reference)
28.04.2025 16:03 โ ๐ 2 ๐ 2 ๐ฌ 0 ๐ 1Patch management is a multi-decade failure.
10.04.2025 05:00 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
23.03.2025 12:00 โ ๐ 26 ๐ 9 ๐ฌ 0 ๐ 0
VPN Vulnerabilities Emerges As The Key Tool for Threat Actors to Attack Organizations
19.03.2025 11:44 โ ๐ 6 ๐ 4 ๐ฌ 0 ๐ 0The latest version of our cli tool has been released. Get v4.19.0 and find wrappers with sweet new APIs inside.
Available here โก๏ธ
search.onyphe.io/docs/onyphe-...
or here ๐ณ hub.docker.com/r/onyphe/ony...
or even here ๐ฅท metacpan.org/dist/Onyphe
๐งโโ๏ธCc @fs0c131y.com @gazlacrymo.fr @hacker0x01.bsky.social @gandalfistari.bsky.social @jnocetti.bsky.social @korben.info @tariqkrim.bsky.social @reesmarc.bsky.social @jeromenotin.bsky.social @oliviertesquet.bsky.social @patriceauffret.bsky.social @untersin.gr รงa devrait tโintรฉresser ๐ช
04.03.2025 11:39 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0Mais il a bien dormi.
03.03.2025 20:28 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0Oui enfin, c'est comme un moustique qui s'รฉcrase contre le pare-brise d'une voiture.
14.02.2025 11:23 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access
14.02.2025 08:43 โ ๐ 4 ๐ 3 ๐ฌ 0 ๐ 1
๐ฃ We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #PaloAltoNetworks PA product:
CVE-2025-0108: authentication bypass on management interface
search.onyphe.io/search?q=cat...
Thanks to @assetnote.io for having shared the detection method.
Yet by performing an awkward legal waltz around the subject, Talos have helpfully supported my hypothesis that compromised IOS XE devices are part of an ORB network serving multiple APTs.
archive.hack.lu/hack-lu-2024...
"Command & Conquer : Red Alert" en version Open source :
www.openra.net
Roughly same numbers as @onyphe.bsky.social
20.01.2025 12:44 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0
Back in the dayz the fake exploit did "rm -rf /" www.trendmicro.com/en_us/resear... #CTI
20.01.2025 07:25 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0More than 50k *vulnerable* devices.
This one is pretty bad.
Don't expose DCERPC protocol on the Internet.
02.01.2025 14:56 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0Je plussoie.
12.12.2024 08:10 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0FreeBSD 14.2-RELEASE now includes OCI-compatible images, and the Podman toolkit is ready to use them, on both amd64 and arm64 systems - A brief Introduction by Dave Cottlehuber #FreeBSD #BSD
09.12.2024 08:10 โ ๐ 5 ๐ 3 ๐ฌ 0 ๐ 0rรฉpondez ร vos emails
putain dire que j'ai connu un temps oรน les gens rรฉpondaient ร un FAX
2. **Truncated SHA-256 Hash Collisions**: The request hashing mechanism truncates SHA-256 hashes to only 12 characters. This significantly reduces entropy, making it feasible for an attacker to generate collisions. By exploiting this, a previously built malicious image can be served in place of a legitimate one, allowing the attacker to "poison" the artifact cache and deliver compromised images to unsuspecting users.
Stop. Truncating. Hashes.
www.phoronix.com/news/OpenWrt...
๐ฃ We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #Mitel MiCollab product:
CVE-2024-35286: unauthenticated SQL injection on login page
CVE-2024-41713: unauthenticated arbitrary file read
www.onyphe.io/search?q=cat...
Certes. Mais un recruteur qui jette un CV parce qu'il fait plus d'une page ... Que peut-on en penser ?
29.11.2024 10:55 โ ๐ 0 ๐ 0 ๐ฌ 1 ๐ 0#Cyberattaques : une รฉtude dรฉvoile la porte d'#entrรฉe prรฉfรฉrรฉe des #ransomwares
https://www.01net.com/actualites/cyberattaques-etude-devoile-porte-entree-preferee-ransomwares.html
Cette "rรจgle" est dรฉbile. 3 ou 4 pages, รงa ne me choque pas, surtout aprรจs 20 ans d'XP.
29.11.2024 10:24 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0Optimist: the cup is 1/2 full
Pessimist: the cup is 1/2 empty
Excel: the cup is January 2nd
I just reached 1k followers on #Bluesky - It has been growing pretty fast. Starting to believe the place will be as cool as the old #Twitter ! Thx everyone ! <3
21.11.2024 10:09 โ ๐ 7 ๐ 1 ๐ฌ 1 ๐ 0@onyphe.bsky.social identifies more than 2k vulnerable IPs. That could mean all of them are compromised :/
21.11.2024 12:26 โ ๐ 2 ๐ 2 ๐ฌ 0 ๐ 0
