Binary Security
@binarysecnorway
Followers
85
Following
1
Media
0
Statuses
12
Binary Security delivers high-quality cyber security services. Application security and penetration testing are two of our specialties.
Norway
Joined January 2019
New Blog Post is out! https://t.co/ndUlAzTxvY. In this one, our researcher Torjus Bryne Retterstøl had a quick look at Azure DevOps, and that was all it took to find 3(!) awardable bugs.
binarysecurity.no
Binary Security found three SSRF vulnerabilities in Azure DevOps that we reported to Microsoft. This blog post outlines the way we identified these vulnerabilities, and demonstrates exploitation...
1
4
10
If you heard Christian August Holm Hansen's ( https://t.co/3Jm97yOGCp) talk at @Sikkerhetsfest , or you are interested in Azure Management Security, you can check out the latest blog post over at our website,
binarysecurity.no
This blog post shows how a user with Reader-level access to an Azure API Management resource actually had the equivalent of Contributor-level access, allowing the user to read, modify and even delete...
0
1
2
Have you ever wondered how the Azure Kubernetes Services authentication works? Our researcher Christian ( https://t.co/3Jm97yOGCp) has investigated, and found that all was not well🤯. Both access as a guest user and cross tenant was achieved 💯.
1
2
2
New blog post🔥! https://t.co/PpvDLOHYFH This time our researchers @hagul2 and https://t.co/3Jm97yOGCp have taken a look at the old versions of the Azure Management API.
0
3
3
New High CVE in Splunk just dropped, and this time it was our very own @Torjusbr that reported it🔥. https://t.co/by2DjZHJtL
0
0
0
CVE-2023-32714 In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Spl...
0
4
4
Do you know whats in your public Docker Images? Researcher Christian August Holm Hansen has posted an interesting case study of Google's Apigee image and uncovered a whole lot of secrets lying around...
binarysecurity.no
This post is on secrets embedded in Docker images with examples found in a public Google Cloud Docker image (Apigee) and how these were used to exploit running services.
0
4
1
Do you know whats in your public Docker Images? Researcher Christian August Holm Hansen has posted an interesting case study of Google's Apigee image and uncovered a whole lot of secrets lying around...
binarysecurity.no
This post is on secrets embedded in Docker images with examples found in a public Google Cloud Docker image (Apigee) and how these were used to exploit running services.
0
4
1
Security Specialist Christian August Holm Hansen has written a post about a Subdomain Takeover vulnerability we found in Azure Devops.
binarysecurity.no
This post details how we took over an Azure Devops subdomain to enable 1-click Azure Devops account takeovers with an additional treat of taking over a Microsoft Disaster Recovery account.
0
4
8
Vi har holdt kurs for ITverket. Her kan du lese hva de synes om kursdagen: https://t.co/xaLHm1WdOe
#infosec #binarysecurity #itverket #itsikkerhet #informationsecurity #devsecops
0
0
1
We are ready for @TheParanoiaConf! Come hear us talk about Bug Bounties at 16.15 on the Tech track #Paranoia19 @Hacker0x01 @GoogleVRP @Bugcrowd @synack @disclose_io
0
1
2