Mr Musk, we are so sorry we missed the deadline. Please don't fire us. The five bullet points you asked for:
* 🛜 We proved that an AI system generates responses on-premises. ➡️ Oh, no. Data security and compliance are inefficient. Please don't fire us.
* 📝 Our co-founder Michael passed his master's exam. ➡️ Is this a sign of corruption? Please guide us!!
* 👨‍💻 An intern started working with us. ➡️ Should we fire him right away? But he's good. And not corrupt. (Probably.)
* 🪦 We checked if the security vulnerabilities of a tool for morticians were fixed. ➡️ We'll certainly be on the mortician's list soon.
* 🏖️ Our co-founder Aron was on vacation for one day. ➡️ 🔥 Fired!!
About us
We are dedicated to #pentests. We go on the offensive and uncover vulnerabilities in applications and infrastructures to prevent attacks in the first place! Our expertise is the result of a solid education in IT security, many years of experience in penetration testing and collaboration and exchange with the best security talents in Europe. Our specialties are Windows AD infrastructures and web security. Thus, we create focal points, have the greatest know-how in these areas and deliver the highest quality. We value long-term partnerships with our customers and full transparency. Our goal: to sustainably improve security in organizations.
- Website
- www.syslifters.com
- Industry
- IT Services and IT Consulting
- Company size
- 2-10 employees
- Headquarters
- Göllersdorf
- Type
- Public Company
- Founded
- 2022
- Specialties
- active directory, pentesting, red teaming, it security, security consulting, windows, web applications, APIs, external infrastructures, internal infrastructures, information security, saas, reporting, sysreptor, and sysleaks
Locations
- Primary: Eitzersthal 75, Göllersdorf, 2013, AT
Updates
😱 This is what it feels like to have vulnerabilities reported: Subdomain takeover at Syslifters. Most emails that we receive regarding vulnerabilities in our infrastructure are rather "vulnerabilities": meaning they are not actually real security risks. Last week, we received a report stating that one of our domains was vulnerable to subdomain takeover. Here's what happened:
* When we started Syslifters, we registered syslifters.com with our private accounts at Porkbun.
* Later, we moved it to our company's IT provider Hetzner.
* For a seamless migration we added DNS records for our previous nameserver at Porkbun: ns2.syslifters.com pointing to the IP of Porkbun's nameserver.
* Later, we no longer needed it, but forgot to deprovision the record.
* At some point in time, Porkbun replaced the nameserver with that IP.
* The nameserver was running in AWS cloud, and they returned the IP address, so it could be assigned to other customers.
* Our bug bounty hunter created a server and got that IP address assigned (probably by chance).
* He placed a payload on a web server which was returned when accessing http://ns2.syslifters.com
* Thus, he successfully took over our ns2.syslifters.com subdomain.
He could have misused this vulnerability by:
* Distributing malware using a seemingly legitimate domain name.
* Tricking users who trust our brand.
* Attacking users of other websites hosted on syslifters.com subdomains that solely rely on SameSite=Strict as CSRF protection.
Luckily, he reported the vulnerability to us, so we could react:
* We removed the orphaned DNS record.
* We reviewed all other DNS records.
* If the bug bounty hunter had issued a TLS certificate, we would have had to revoke it (to prevent future MitM attacks on that domain name).
We offered a voluntary bounty of € 200. We assume that there are some more subdomains pointing to that Porkbun IP address in the wild. Enjoyed this post?
Then follow us & hit the 🔔 icon for expert insights on Pentesting, Red Teaming, and everything else security-related. ❤️
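The "we reviewed all other DNS records" step from the post above can be turned into a repeatable check. The following is an added example (not Syslifters' own tooling): it walks a zone and flags A records whose address lies outside the ranges the organisation controls, CNAMEs whose target no longer resolves, and CNAMEs that hand a name to a third party. The zone, the owned networks, the `example-corp.test` names and the offline `FAKE_DNS` resolver are all constructed; the address 198.51.100.77 stands in for the provider IP from the story.

```python
"""Dangling-DNS audit: flag zone records whose target the organisation no longer controls.

Added example, not Syslifters' own tooling. The zone, owned ranges and resolver are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Record:
    name: str
    rtype: str    # "A" or "CNAME"
    target: str   # IPv4 address for A records, hostname for CNAME records


# Constructed: address ranges and DNS suffixes the organisation actually controls.
OWNED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
OWNED_SUFFIXES = ("example-corp.test",)

# Constructed zone. 198.51.100.77 plays the role of the provider IP that was handed back
# to the cloud pool after the nameserver behind it was retired.
SAMPLE_ZONE = [
    Record("www.example-corp.test", "A", "203.0.113.10"),
    Record("ns2.example-corp.test", "A", "198.51.100.77"),
    Record("docs.example-corp.test", "CNAME", "old-docs.vendor-hosting.test."),
    Record("status.example-corp.test", "CNAME", "status-page.saas-provider.test."),
    Record("intranet.example-corp.test", "CNAME", "www.example-corp.test."),
]

# Constructed offline resolver: hostname -> IPs, None means NXDOMAIN.
# In production replace this with a real lookup (e.g. socket.getaddrinfo or dnspython).
FAKE_DNS = {
    "status-page.saas-provider.test": ["192.0.2.40"],
    "www.example-corp.test": ["203.0.113.10"],
}


def fake_resolve(host: str) -> Optional[list]:
    return FAKE_DNS.get(host)


def ip_is_owned(ip: str, networks) -> bool:
    """True if the address falls inside a range we control; unparsable input counts as not owned."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in networks)


def host_is_owned(host: str, suffixes) -> bool:
    return any(host == s or host.endswith("." + s) for s in suffixes)


def audit_zone(records, resolve=fake_resolve, networks=OWNED_NETWORKS, suffixes=OWNED_SUFFIXES):
    """Return (record name, severity, reason) for every record that needs attention."""
    findings = []
    for rec in records:
        target = rec.target.rstrip(".").lower()
        if rec.rtype == "A":
            if not ip_is_owned(target, networks):
                findings.append((rec.name, "high",
                                 "A record points to an IP outside owned ranges; "
                                 "whoever is allocated that IP serves this name"))
        elif rec.rtype == "CNAME":
            if host_is_owned(target, suffixes):
                continue  # alias inside our own zone; the target record is audited on its own
            ips = resolve(target)
            if ips is None:
                findings.append((rec.name, "high",
                                 "CNAME target does not resolve; a dangling alias is claimable at the provider"))
            elif not any(ip_is_owned(ip, networks) for ip in ips):
                findings.append((rec.name, "info",
                                 "CNAME to a third-party host; confirm the account behind it is still yours"))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit_zone(SAMPLE_ZONE):
        print(f"[{severity}] {name}: {reason}")
```

Run against the sample zone, the audit reports `ns2` (address no longer owned, exactly the post's case), `docs` (alias to a host that no longer exists) and `status` (a third-party dependency to confirm), and stays quiet about `www` and the in-zone alias `intranet`. Scheduling this against the live zone catches the "forgot to deprovision" record before an IP or hostname is recycled.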
Welcome to the team, Matthäus! 😊 A master on brass 🎺, a master on the keys 👨‍💻, and now in pentesting too! Matthäus started with us as an intern in September last year, and since January he has been a permanent member of our team as a pentester. With a degree in IT security, experience as a system engineer and deep know-how in Active Directory, virtualization, patch management and more, he brings not only technical knowledge but also team spirit and commitment. And when he isn't checking systems for security holes? Then he devotes himself to volunteer work or leads a brass band as its chairman. A real doer, technically skilled and a great person! Great to have you on the team, Matthäus! 🙌 #WelcomeToTheTeam #Syslifters
We're hiring a senior pentester.
* 40h, m/w/d, remote
* German and English speaking
* Permanent residence in Austria
https://lnkd.in/dZVDPPts
Please support us by spreading the word ❤️
We're looking for... you? We're hiring pentesting interns with Austrian residence and fluent German skills.
* 40h, m/w/d, remote
* € 1900 per month
* Min. 4 months duration
Find more information at: https://lnkd.in/dVhFWMTf
🎅 As 2024 winds down, we're celebrating a year packed with milestones and achievements:
🔆 Added dozens of new SysReptor features like sharing capabilities and a plugin system, and launched two Hack The Box exam designs, the latest being CAPE (https://lnkd.in/dF_47d22).
🔆 Introduced SysLeaks, our very own password-leak service, with exciting updates for pentesters planned for next year. Stay tuned.
🔆 Successfully completed 71 exciting pentesting projects, from on-prem infrastructure tests and cloud assessments to web application assessments.
🔆 Took our first interrail workation to RomHack conference in Rome, Italy. An experience we can't wait to repeat!
🔆 And welcomed two interns and grew our team for the first time! 🎉
It's been a challenging but rewarding year, and we couldn't be happier with what we accomplished. We're already excited for what's ahead in 2024! Wishing you all happy and relaxing holidays with loved ones. See you next year! -Team Syslifters 🎄✨ #EOY #Christmas #Pentesting #WebSecurity #AppSecurity #InfoSec
-----------------------------------------------------------------------
Enjoyed this post? Then follow us & hit the 🔔 icon for expert insights on Pentesting, Red Teaming, and everything else security-related. ❤️
Setting up an OIDC / OAuth Server? Watch out for open redirects! ⚠️ An open redirect in an OIDC/OAuth flow can be a serious risk. It can allow attackers to redirect users to malicious websites, where they can capture the authorization code. With this code, attackers could obtain the user's ID and access token, leading to account takeover. 🔐 Make sure to harden your trusted redirect targets so that your application only redirects to approved domains. #OAuth #OIDC #WebSecurity #AppSecurity #InfoSec #Pentesting
-----------------------------------------------------------------------
Enjoyed this post? Then follow us & hit the 🔔 icon for expert insights on Pentesting, Red Teaming, and everything else security-related. ❤️
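"Harden your trusted redirect targets" in practice means the authorization server compares the incoming `redirect_uri` against the URIs registered for that client, and nothing looser. The block below is an added example (not Syslifters' code and not any particular OAuth library's API) showing the weak prefix-match pattern next to an exact-match validator in the spirit of RFC 6749 §3.1.2 and OAuth 2.1. The `REGISTERED_REDIRECTS` registry, the `client-app` id and every URL are constructed; `LOOPBACK_HOSTS` mirrors the native-app loopback exception from RFC 8252.

```python
"""Redirect-target validation for an OIDC/OAuth authorization endpoint.

Added example, not Syslifters' code and not any particular OAuth library's API.
The client registry and all URLs are constructed.
"""
from typing import Optional, Tuple
from urllib.parse import urlsplit

# Constructed registry: each client_id maps to the exact redirect URIs registered at onboarding.
REGISTERED_REDIRECTS = {
    "client-app": {"https://app.example-corp.test/oidc/callback"},
}

# Native apps may register http loopback redirects (RFC 8252 §7.3); everything else must be https.
LOOPBACK_HOSTS = {"127.0.0.1", "::1", "localhost"}


def naive_is_trusted(redirect_uri: str, trusted_origin: str = "https://app.example-corp.test") -> bool:
    """The weak pattern: a prefix check. Anything that merely begins with the trusted text is
    accepted, so a host whose name starts with the trusted name passes as well."""
    return redirect_uri.startswith(trusted_origin)


def canonical(uri: str) -> Optional[tuple]:
    """Canonical (scheme, host, port, path, query) tuple, or None if the URI is malformed.
    Only case of scheme/host and the default port are normalised; nothing else is rewritten."""
    parts = urlsplit(uri)
    try:
        port = parts.port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    if (scheme, port) in (("https", 443), ("http", 80)):
        port = None  # explicit default port names the same endpoint
    return (scheme, host, port, parts.path, parts.query)


def is_trusted_redirect(client_id: str, redirect_uri: str,
                        registry=REGISTERED_REDIRECTS) -> Tuple[bool, str]:
    """Exact-match policy: the redirect_uri must equal one registered for this client.
    No prefix, substring, wildcard or 'same registrable domain' matching."""
    parts = urlsplit(redirect_uri)
    if parts.fragment:
        return False, "fragment component is not allowed in redirect_uri"
    if "@" in parts.netloc:
        return False, "userinfo in the authority is not allowed"
    candidate = canonical(redirect_uri)
    if candidate is None:
        return False, "malformed URI"
    scheme, host = candidate[0], candidate[1]
    if scheme != "https" and not (scheme == "http" and host in LOOPBACK_HOSTS):
        return False, "only https (or http loopback for native apps) is accepted"
    allowed = {canonical(u) for u in registry.get(client_id, ())}
    if candidate in allowed:
        return True, "exact match with a registered redirect URI"
    return False, "redirect_uri is not registered for this client"


if __name__ == "__main__":
    for uri in ("https://app.example-corp.test/oidc/callback",
                "https://app.example-corp.test.lookalike.test/oidc/callback",
                "https://app.example-corp.test@lookalike.test/oidc/callback"):
        print(uri, "naive:", naive_is_trusted(uri), "strict:", is_trusted_redirect("client-app", uri))
```

The lookalike host is the instructive case: the prefix check accepts it because the string starts with the trusted origin, while the exact-match validator rejects it because the host differs. The validator also refuses a userinfo component, a fragment, plain http outside loopback, and any query string the client did not register, so an authorization code can only ever be delivered to a URI the client owner put on file.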
Think your password is secure? Think again! 😱 Even a password like BJhA3q8THrD+zysQECe! won't protect you if it was stolen by info stealer malware. 💻 Once it's exposed on the darkweb, anyone can find it, and attackers can easily use it to access your accounts. 🔐 This is one of the easiest ways attackers break into enterprise infrastructure or sensitive apps. It has also proven to be highly effective in our penetration testing engagements. No vulnerability exploitation required! 🚨 Want to stay secure? Enable Multi-Factor Authentication (MFA) for your accounts and keep your computers healthy. How do you handle this? Share your best practices or advice in the comments below. 👇 #Cybersecurity #MFA #DarkWeb #Pentesting #Infosec #SysLeaks
-----------------------------------------------------------------------
Enjoyed this post? Then follow us & hit the 🔔 icon for expert insights on Pentesting, Red Teaming, and everything else security-related. ❤️
Clients deploying hotfixes during a pentest! 🙄 Who can relate? We’ve run into this situation several times in the past - clients deploying emergency patches for the vulnerabilities we’ve just found and exploited. While it’s usually done with good intentions, it often causes more harm than good. It makes testing harder, messes up documentation, and sometimes these quick fixes can even introduce new security issues. The better approach? Coordinate with your pentester before making changes so you can solve the problem together. Got a story like this? Drop a comment, we’d love to hear it! 🚀 Like our posts? Then please follow us! We regularly write about #Pentesting #RedTeaming #Phishing #Cybersecurity and everything else relevant to security. ❤️
Remote vs. on-site pentesting: which option works best for you? We'd also love ❤️ to hear why! Drop your thoughts in the comments. 👇 🚀 Like our posts? Then please follow us! We regularly write about #Pentesting #RedTeaming #Phishing #Cybersecurity and everything else relevant to security. ❤️