Zerotier - Multiple Vulnerabilities
An attacker may chain Zerotier root-server identity overwriting, insecure identity verification and various information leakage vulnerabilities to gain unauthorised access to private Zerotier networks.
read more
Pulse Security is a specialist information security consultancy.
We're here to help your business stay protected from adversaries.
We look at your business like your real adversaries would. They won't go easy and we won't either.
We go beyond just using automated tools, instead using skills and techniques that real adversaries do.
We help you prepare and respond to cyber security incidents.
We're focused on offensive security, including dedicated research days to continually develop our skills.
All engagements follow our comprehensive technical methodologies and quality assurance process.
Our specialist offensive testing services include an extensive range of penetration testing capabilities at the application, network, and physical level.
Complementing our Penetration Testing we also perform network architecture and application review services. Helping your business achieve best practice design and secure-by-default approaches to your infrastructure.
For when things go wrong, our experienced and qualified team will help with getting you back on track.
An attacker may chain Zerotier root-server identity overwriting, insecure identity verification and various information leakage vulnerabilities to gain unauthorised access to private Zerotier networks.
read moreIn this post I’ll show you a neat party trick that can let you easily bypass Time-Based One Time Password (TOTP) multi-factor authentication, and often within just a few hours. If your TOTP implementation doesn’t include brute-force protection, you might be in trouble. Sample code to exploit this can be found here.
Network pivoting is a fancy name we use to describe sending network traffic via one or more hosts that we’ve compromised. It lets us get behind firewalls, access more stuff and is an essential component of serious malware. This is the story of a highly portable network pivot I created. It’s based on (more or less) stealing code from some malware I reverse engineered as part of an incident response engagement.
How can we help?
+64 4 889 4756
info at pulsesecurity.co.nz