Exploits in Endpoint Protection and Backup Vulnerabilities

No Internet Access: SSH to the Rescue
If faced with restrictive outbound network access policies, a single inbound SSH connection can quickly be turned into a tunnel or a full-blown VPN
https://isc.sans.edu/diary/No%20Internet%20Access%3F%20SSH%20to%20the%20Rescue!/31932
SAMSUNG magicINFO 9 Server Flaw Still exploitable
The SAMSUNG magicINFO 9 Server Vulnerability we found being exploited last week is apparently still not completely patched, and current versions are vulnerable to the exploit observed in the wild.
https://www.huntress.com/blog/rapid-response-samsung-magicinfo9-server-flaw
Bring Your Own Installer: Bypassing SentinelOne Through Agent Version Change Interruption
SentinelOne s installer is vulnerable to an exploit allowing attackers to shut down the end point protection software
https://www.aon.com/en/insights/cyber-labs/bring-your-own-installer-bypassing-sentinelone
Commvault Still Exploitable
A recent patch for Commvault is apparently ineffective and the PoC exploit published by watchTowr is still working against up to date patched systems
https://infosec.exchange/@wdormann/114458913006792356