photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto. Please refer to the site rules before posting.

#vulnerabilityresearch

Pen Test Partners<p>🚫 No fire detection means no going to sea.<br>If you're running the Consilium Safety CS5000 fire panel on board, hardcoded credentials could let an attacker shut it down remotely.<br>&nbsp;<br>As a result, if the system is taken offline, your vessel could be detained, lose its class certification, or be prevented from sailing altogether.<br>&nbsp;<br>There is no patch available. The vendor has stated they won’t fix the issue unless cybersecurity was part of your original contract.<br>&nbsp;<br>If your panel was installed before July 2024, it likely wasn’t designed with modern cybersecurity in mind.<br>&nbsp;<br>Andrew Tierney explains how we discovered the vulnerability, its implications for operators, and the steps you can take to mitigate the risk.<br>&nbsp;<br>📌&nbsp;Read here: <a href="https://www.pentestpartners.com/security-blog/fire-detection-system-been-pwned-youre-not-going-to-sea/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">pentestpartners.com/security-b</span><span class="invisible">log/fire-detection-system-been-pwned-youre-not-going-to-sea/</span></a><br>&nbsp;<br><a href="https://infosec.exchange/tags/MaritimeCyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MaritimeCyberSecurity</span></a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a> <a href="https://infosec.exchange/tags/OTSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTSecurity</span></a> <a href="https://infosec.exchange/tags/FireDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FireDetection</span></a> <a href="https://infosec.exchange/tags/CyberRisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberRisk</span></a></p>
HN Security<p>We have identified some security vulnerabilities (CVE-2025-1731) in Zyxel USG FLEX H Series firewall appliances that allow local users with access to a Linux OS shell to escalate privileges to root.<br> <br><a href="https://security.humanativaspa.it/local-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.humanativaspa.it/loca</span><span class="invisible">l-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731</span></a><br> <br><a href="https://infosec.exchange/tags/Zyxel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Zyxel</span></a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a> <a href="https://infosec.exchange/tags/CoordinatedDisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CoordinatedDisclosure</span></a></p>
JamesStevenson<p>Just finishing up Obfu[DE]scate! A <a href="https://infosec.exchange/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> tool that simplifies de-obfuscation and comparison between <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> APK versions - even after functions have been renamed, removed, or altered as part of obfuscation.</p><p><a href="https://github.com/user1342/Obfu-DE-Scate" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/user1342/Obfu-DE-Sc</span><span class="invisible">ate</span></a></p><p><a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseEngineering</span></a> <a href="https://infosec.exchange/tags/MalwareAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MalwareAnalysis</span></a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a></p>
JamesStevenson<p>I've been working on a <a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseEngineering</span></a>, <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a>, <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a>, and <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OffensiveSecurity</span></a> training platform over the past few months. It's still in the 'MVP' stage so I'd love any feedback folk have for it! 🧑‍💻👩‍💻👨‍💻</p><p><a href="http://www.TODO.courses" rel="nofollow noopener" target="_blank"><span class="invisible">http://www.</span><span class="">TODO.courses</span><span class="invisible"></span></a></p>
JamesStevenson<p>I've finally set up an account on Mastodon 🙌😅 Now that I'm here, thought that I'd fill my feed with a few bits and pieces that I've been up to over the past year. 🧵</p><p>📱 100% off <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> Analysis Course:<br><a href="https://www.udemy.com/course/android-malware-analysis/?couponCode=MASTODON" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">udemy.com/course/android-malwa</span><span class="invisible">re-analysis/?couponCode=MASTODON</span></a></p><p>🤖 100% off Android Games <a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseEngineering</span></a> Course:<br><a href="https://www.udemy.com/course/learn-reverse-engineering-through-android-games/?couponCode=MASTODON" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">udemy.com/course/learn-reverse</span><span class="invisible">-engineering-through-android-games/?couponCode=MASTODON</span></a></p><p>📚 75% Off My Android / <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityResearch</span></a> and <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PenTesting</span></a> book: <a href="https://ko-fi.com/jamesstevenson/link/MASTODON" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ko-fi.com/jamesstevenson/link/</span><span class="invisible">MASTODON</span></a></p>