Silverpeak SD-WAN +7 CVE

Fixed (?) published. Kudos SD-WAN New Hop team: Sergey Gordeychick, Denis Kolegov, Maxim Gorbunov, Nikolay Tkachenko, Nikita Oleksov, Oleg Broslavsky, Antony Nikolaev

AI Finger

Special release for XCON 2019 Beijing conference and “AI for Security or Security for AI” talk by Sergey Gordeychik.

Very first (and very draft) round of Machine Learning and Artificial Intelligence Frameworks and Applications Fingerprinting and Internet Census project.
Based on the Grinder framework.

SD-WAN Security Assessment: The First Hours

SD-WAN Security Assessment: The First Hours

Introduction

Suppose you need to perform a security assessment of an SD-WAN solution.
There are several reasons for this and one of them is selecting an SD-WAN provider or product.

A traditional SD-WAN system involves many planes, technologies, mechanisms, services, protocols and features.
It has distributed and multilayered architecture. So where should you start?

The main goal of this document is to list basic sanity checks that can be used when investigating SD-WAN.
We will consider general checks that can be applied to any SD-WAN system.

More cyber girls needed!

Harbour.Space University (Barcelona) provides  scholarship opportunity for women who want to study Cybersecurity or Fintech.
Apply before May 30th to Hack The Planet for free!

https://harbour.space/register

On CVE-2019-11550

Citrix SD-WAN Security Update (CTX247735)

An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This  vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic.

The Grinder updates

New release of the Grinder framework, created to automatically enumerate and fingerprint hosts on the Internet using different back-end systems: search engines, such as Shodan or Censys, for discovering hosts and NMAP engine for fingerprinting and specific checks.

The Grinder for SD-WAN

Internet-connected Devices Census Python Framework by Anton Nikolaev

Special release for insomnihack 2019.

The Grinder framework was created to automatically enumerate and fingerprint different hosts on the Internet using different back-end systems: search engines, such as Shodan or Censys, for discovering hosts and NMAP engine for fingerprinting and specific checks. The Grinder framework can be used in many different areas of researches, as a connected Python module in your own project or as an independent ready-to-use from the box tool.