This is a quick blog about a bug I found in a private bounty program on Bugcrowd. The reason for me writing about it is to increase awareness around these issues and implementation flaws so that fellow bug bounty hunters/people in Infosec/developers can use the information in this article for the betterment of security.
In this article I will go through my findings and analysis on the Safe Links feature of Microsoft’s Office 365 Exchange Online Advanced Threat Protection.
Ninite has long been my number one tool for deploying, updating and removing popular 3rd party applications… I especially enjoy the feeling of removing Flash and Java from any where I can get my hands on 🙂
Up until now, Ninite has been completely agentless. You get a simple light-weight .exe which you can either run by double clicking or by using switches in the CLI (NinitePro.exe).
To automate the process of deploying or updating applications you previously had to script something together and schedule the .exe to run at a schedule. I don’t mean to make it sound like scripting it to make it work in your environment is difficult – it really isn’t but sometimes it can be tricky to implement for machines that are either not on the domain or simply not on the premises to receive those updates.
Please note that these new features are designed for business/enterprise environments so only available for Ninite Pro users.
So the title is a bit misleading but I figured it’s what most people will search if they want to get active call stats from their Cisco Unified Communications infrastructure – it’s certainly what I searched when I wanted to achieve the same thing. Turns out you can only get active call stats via SNMP from the Cisco Unified Border Element (CUBE).
I will show you how you can get the active incoming/outgoing and total external calls and how you can use these in PRTG to get a nice graph going of Active Calls Vs Bandwidth.
What you won’t see is the number of internal calls as we are only monitoring the CUBE. Internal calls don’t touch the CUBE and as far as my research went, the CUCM server doesn’t keep track of active calls… at least not without some manipulation of OIDs.
This is my first in, I hope, a series of posts about the ‘state of things on the internet’ along with my findings and anything interesting I may have come across along the way.
This post will be about the state of Telnet (Port 23) on the internet from the perspective of a single internet-scanning host (read more in the methodologies section below). I’ll be going through some statistics including: top countries, top brands and/or firmware and lastly, an analysis on banner responses.
In this post I will walk you through setting up a PaperCut real-tine activity display for your office. Not only does it look good but it can also be very useful for staff on the service desk who may be dealing with printer issues/queries.
This is a quick post to help sysadmins facing save issues with Microsoft Office 2016 – specifically the action of saving to the Documents folder and being redirected to Network Shortcuts instead. This issue may be present in Office 2013 too but it’s not what I have deployed in my environment so cannot say for sure if the same symptoms occur on 2013.