So Microsoft Federated Services uses /adfs/ls in most of it's paths to various types of pages like login/logout etc for Single Sign-On. But there is one particular page with the path of /adfs/ls/idpinitiatedsignon.aspx? that's really interesting to me because it usually has a drop down menu that gives you a list of applications or places to login to. For one company, it was basically a list of it's clients. For Microsoft, there was one that had all kinds of internal applications and stuff that I would classify as social engineering ammo. Most people figured out how to hide this page with a robots.txt file but they aren't hiding the " /adfs/ls/" so I search on that path and when I find it, I try appending "idpinitiatedsignon.aspx?" to it and see if it resolves. I found some pretty interesting stuff without digging too hard. I don't know if it's me but this info seems a little too sensitive to just hang out on the internet.
Here is one for Medtronic.
Here is a pic of one for Microsoft.
This same thing happened to a good friend of mine. Then recently, another friend of mine told me a similar story about a friend of his. Seems that anybody can call SWAT on anybody else these days and they don't vet shit before going off half-cocked. This is an accident waiting to happen. If I opened my door to a gun in my face, I seriously do not know how I would react - especially if I thought my kid was in danger. I would love to see stats on how many times innocent people were taken down by these wannabe army guys. I hope Krebs takes them down in the media and then sues the hell out of them.
The ISC patch Tuesday chart with breif descriptions of each vulnerability and patch