mastodontech.de is one of many independent Mastodon servers you can use to participate in the Fediverse.
Open to everyone (over 16) and provided by Markus'Blog

#sitecore

CrowdSec<p>🚨 New Exploits Targeting Sitecore Experience Platform (XP)<br>Another wake-up call: Monitoring disclosed CVEs isn't enough anymore.</p><p>🔍 Last week, WatchTowr Labs dropped a detailed analysis of a pre-auth RCE chain in Sitecore XP – and it didn’t take long for attackers to move.</p><p>Within hours, CrowdSec’s network detected active exploitation in the wild.</p><p>⚠️ Key findings:<br>🔹 The Vulnerability-to-Exploit Window Is Critical: Attacks now outpace CVE assignments, leaving organizations exposed during the disclosure gap. This was demonstrated when, within hours of WatchTowr’s public analysis, CrowdSec’s threat network detected three distinct IPs actively scanning and exploiting vulnerable Sitecore XP instances.<br>🔹 Official CVE Designation a Few Hours After WatchTowr’s Article: The flaw is now formally tracked as CVE-2025-34509, CVE-2025-34510, and CVE-2025-34511 (listed on NVD).</p><p>🛠️ About the exploit:<br>The vulnerability chain enables unauthenticated remote code execution (RCE) through Sitecore’s publishing service, allowing attackers to compromise the entire CMS without requiring credentials. 
Successful exploitation could lead to data theft, malware deployment, or lateral movement within affected systems.</p><p>📈 Trend analysis:<br>🗓️ June 17: WatchTowr publishes the article.<br>⏱️ Hours later: CrowdSec’s decentralized threat network detected exploitation attempts from 104.248.137.152.<br>📍 Following days:<br>Two more IPs (130.33.178.14, 217.156.122.239) launched aggressive scans, with 130.33.178.14 alone responsible for 50+ attacks over the weekend.</p><p>🛡️ How to protect your systems:<br>🔹 Investigate: If your organization uses Sitecore XP, check your logs for these IPs: 130.33.178.14, 217.156.122.239, 104.248.137.152.<br>🔹 Patch: Do what is necessary to patch your Sitecore XP CMS system.<br>🔹 Stay proactive: Gain additional protection by installing the CrowdSec Web Application Firewall to stay ahead of exploit attempts with 100+ virtual patching rules available: <a href="https://doc.crowdsec.net/docs/next/appsec/intro" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">doc.crowdsec.net/docs/next/app</span><span class="invisible">sec/intro</span></a></p><p>📣 Real-time threat intelligence is not optional. 
Let’s stay ahead of these threats together 👉 <a href="http://crowdsec.net" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">http://</span><span class="">crowdsec.net</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatIntel</span></a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RCE</span></a> <a href="https://infosec.exchange/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sitecore</span></a> <a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrowdSec</span></a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a></p>
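<p>The "Investigate" step above amounts to searching web-server logs for the three addresses the post lists. The following script is an added example (it is not CrowdSec's or Sitecore's code) that does that triage over access logs in the combined format used by Apache and Nginx: it reports, per indicator address, how many requests were seen, the first and last timestamps, and the distinct paths and status codes, and it counts unparseable lines rather than dropping them so a log in an unexpected format cannot silently produce a false "no hits". The only page-specific values it uses are the three IPs from the post; the sample log lines and their request paths are constructed placeholders.</p>

```python
"""Triage a web-server access log for the scanning IPs named in the post.

Added example, not CrowdSec's or Sitecore's code. Assumes the combined log
format used by Apache/Nginx; the sample lines at the bottom are constructed.
"""
import re
from collections import defaultdict
from datetime import datetime

# Indicator addresses quoted in the post (the only page-specific values here).
IOC_IPS = {"104.248.137.152", "130.33.178.14", "217.156.122.239"}

# Combined log format:
#   ip ident user [time] "METHOD path PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def parse_line(line):
    """Parse one combined-format line; return a dict, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def triage(lines, iocs=IOC_IPS):
    """Summarise requests from IoC addresses.

    Returns (hits, unparsed): hits maps ip -> {count, first, last, paths, statuses};
    unparsed counts lines that did not match the expected format.
    """
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None,
                                "paths": set(), "statuses": set()})
    unparsed = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed += 1
            continue
        if rec["ip"] not in iocs:
            continue
        h = hits[rec["ip"]]
        h["count"] += 1
        h["first"] = rec["ts"] if h["first"] is None else min(h["first"], rec["ts"])
        h["last"] = rec["ts"] if h["last"] is None else max(h["last"], rec["ts"])
        h["paths"].add(rec["path"])
        h["statuses"].add(rec["status"])
    return dict(hits), unparsed


# Constructed sample log (not real traffic); request paths are placeholders.
SAMPLE_LOG = [
    '203.0.113.5 - - [20/Jun/2025:09:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '130.33.178.14 - - [21/Jun/2025:02:14:07 +0000] "GET /placeholder-path-1 HTTP/1.1" 404 312 "-" "python-requests/2.31"',
    '130.33.178.14 - - [21/Jun/2025:02:14:09 +0000] "POST /placeholder-path-2 HTTP/1.1" 500 0 "-" "python-requests/2.31"',
    '198.51.100.7 - - [21/Jun/2025:03:00:00 +0000] "GET /about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '104.248.137.152 - - [17/Jun/2025:18:45:30 +0000] "GET /placeholder-path-1 HTTP/1.1" 200 1024 "-" "curl/8.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    summary, bad = triage(SAMPLE_LOG)
    for ip, h in sorted(summary.items()):
        print(f"{ip}: {h['count']} hit(s), {h['first']:%Y-%m-%d %H:%M} .. {h['last']:%Y-%m-%d %H:%M}, "
              f"paths={sorted(h['paths'])}, statuses={sorted(h['statuses'])}")
    print(f"{bad} unparseable line(s)")
```

<p>To run it against a real log, replace <code>SAMPLE_LOG</code> with the lines of the file (for example <code>triage(open("access.log"))</code>). A hit from one of these addresses is a reason to review the affected host, not proof of compromise on its own; the paths and status codes in the summary show what was requested and whether the server served it, which is the starting point for that review.</p>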
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sitecore</span></a> <a href="https://mastodon.thenewoil.org/tags/CMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CMS</span></a> exploit chain starts with hardcoded 'b' password</p><p><a href="https://www.bleepingcomputer.com/news/security/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/sitecore-cms-exploit-chain-starts-with-hardcoded-b-password/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Corey Smith 👨🏻<p>Fun <a href="https://mas.to/tags/SitecoreLunch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SitecoreLunch</span></a> today! Discussed:</p><p>💻 <a href="https://mas.to/tags/VibeCoding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VibeCoding</span></a><br>📈 Graph databases<br>🎞️ Predictable movies<br>🔐 Password managers<br>💻 <a href="https://mas.to/tags/StackOverflow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StackOverflow</span></a> is dying<br>🛠️ <a href="https://mas.to/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sitecore</span></a> <a href="https://mas.to/tags/MSBuild" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MSBuild</span></a> session<br>🤖 Simple vs. complex AI tasks<br>☎️ Remembering phone numbers<br>🐤 We're all paying for <a href="https://mas.to/tags/Twitter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Twitter</span></a> now</p><p>See you same time next week! 🥪🥗</p>
Nebraska.Code<p>Brandon Bruno gives 'A React Crash Course for Backend Dinosaurs' on July 25th at Nebraska.Code().</p><p><a href="https://nebraskacode.amegala.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nebraskacode.amegala.com/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/react" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>react</span></a> <a href="https://mastodon.social/tags/backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backend</span></a> <a href="https://mastodon.social/tags/DotNet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DotNet</span></a> <a href="https://mastodon.social/tags/MVC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MVC</span></a> <a href="https://mastodon.social/tags/websolutions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>websolutions</span></a> <a href="https://mastodon.social/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>javascript</span></a> <a href="https://mastodon.social/tags/Nebraska" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nebraska</span></a> <a href="https://mastodon.social/tags/backenddevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backenddevelopment</span></a> <a href="https://mastodon.social/tags/propsvsstate" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>propsvsstate</span></a> <a href="https://mastodon.social/tags/jsxsyntax" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jsxsyntax</span></a> <a href="https://mastodon.social/tags/classcomponents" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>classcomponents</span></a> <a href="https://mastodon.social/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sitecore</span></a> <a href="https://mastodon.social/tags/TechnologyConference" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechnologyConference</span></a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a></p>
securityaffairs<p>U.S. <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a> adds <a href="https://infosec.exchange/tags/Sitecore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sitecore</span></a> CMS and XP, and <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> Action flaws to its Known Exploited Vulnerabilities catalog<br><a href="https://securityaffairs.com/175915/security/u-s-cisa-adds-sitecore-cms-and-xp-and-github-action-flaws-to-its-known-exploited-vulnerabilities-catalog.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/175915/sec</span><span class="invisible">urity/u-s-cisa-adds-sitecore-cms-and-xp-and-github-action-flaws-to-its-known-exploited-vulnerabilities-catalog.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>