Low Orbit Security
loworbitsec.bsky.social
Tailored Security Solutions
6. This could be you running Gubble...
January 1, 2025 at 6:54 PM
5. With Gubble you can easily identify these threats (or opportunities if you're on the offensive security side of things).
January 1, 2025 at 6:53 PM
4. In this example, anyone in the organization can send messages from the security group. This can be used for internal phishing.

If a threat actor can post as security@<yourorganization>.com, they can send out extremely successful internal phishing emails.
January 1, 2025 at 6:53 PM
3. Or how about finding a group called CLOUD_ADMINS that anyone in your organization can join?

Who knows what level of access being in this group would give an attacker.
January 1, 2025 at 6:53 PM
2. Gubble finds overly permissive groups like this HR one that exposes highly sensitive information.
January 1, 2025 at 6:53 PM
1. Are you sure your sensitive Groups are locked down?

In this example, everyone in the domain can view the conversations of the HR Group.
January 1, 2025 at 6:53 PM