Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Terracotta VPN Piggybacks On Network Of Compromised Windows Servers
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/5/2015 | 2:57:14 PM
Re: Your link is invalid
Link has now been fixed. Thanks!
SgS125
50%
50%
SgS125,
User Rank: Ninja
8/5/2015 | 12:22:21 PM
Your link is invalid
 

Your link for more information goes here:

https://mail.cmp.com/owa/redir.aspx?SURL=G85b9ymvBb4nqK1WyWguVxMc4roqPIj7lFgrb0_HBUxQxRtvp53SCGgAdAB0AHAAcwA6AC8ALwBiAGwAbwBnAHMALgByAHMAYQAuAGMAbwBtAC8AdwBwAC0AYwBvAG4AdABlAG4AdAAvAHUAcABsAG8AYQBkAHMALwAyADAAMQA1AC8AMAA4AC8AVABlAHIAcgBhAGMAbwB0AHQAYQAtAFYAUABOAC0AUgBlAHAAbwByAHQALQBGAGkAbgBhAGwALQA4AC0AMwAuAHAAZABmAA..&URL=https%3a%2f%2fblogs.rsa.com%2fwp-content%2fuploads%2f2015%2f08%2fTerracotta-VPN-Report-Final-8-3.pdf

 

Which appears to be an exchange web access login page.

 

For deeper dive into this topic, see what Krebs wrote.
bricksteen
50%
50%
bricksteen,
User Rank: Apprentice
8/4/2015 | 11:33:58 PM
no doubt
It's one of which most different levels of consumers use for different reasons but I wonder if a lot of people use<a href="https://ironsocket.com">ironsocket</a>.  I've been using this since last year and no doubt!. It gives 100% security from any other.


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&amp;M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.