Blog Posts Tagged with "Windows"

Identifying and Patching Vulnerabilities in a Post-Microsoft Security Bulletin World

July 27, 2017 Added by:Ken Hilker

Last November Microsoft warned that the Security Bulletins on Patch Tuesday would be discontinued, and they followed through on their promise with the April 2017 edition.

Windows Update to Fix Pass-the-Hash Vulnerability? Not!

May 27, 2014 Added by:Tal Be'ery

Exploiting the Pass-the-Hash vulnerability is the weapon of choice for most APT attackers. Therefore when Microsoft released a Windows update on May 13th titled: “Update to fix the Pass-The-Hash Vulnerability”, it was warmly accepted by IT teams. However, this update was received by the security community with a raised eyebrow, especially due to the fact that just two months before the upd...

5 Common Windows Hardening Misconfigurations

October 31, 2013 Added by:Rohit Sethi

Over numerous Windows configuration review engagements that we have performed for our clients, we observed a common pattern in the configuration weaknesses that is worth highlighting here.

Despite a Decade of Security Upgrades, Windows Vulnerabilities Still Exist

February 22, 2013 Added by:Mark Austin

Windows 8 is touted, rightfully so, for being the most secure Windows operating system yet. However, it would be a mistake to believe that Windows 8 does not require external security enhancements.

Windows 8 Security in Action: Part 1

November 04, 2012 Added by:Dan Dieterle

Is Windows 8 the next operating system for your enterprise? In this article, we will take a quick look at Microsoft’s new OS – Windows 8. We will see some of the new security features that make it more secure than its predecessor Windows 7...

The New Social Engineering Toolkit vs Windows 7 and 8

October 08, 2012 Added by:Dan Dieterle

Cyber genius David Kennedy (aka The Mad Hugger) and his rockstar team have done it again. Just when you thought your Anti-Virus was safe, the TrustedSec team has shown once again that pinning all your corporate security hope on AV protection alone is not a good strategy...

Windows 8 Forensics: Reset and Refresh Artifacts

September 24, 2012 Added by:Dan Dieterle

Everything about the machine pre-refresh can be recovered, and is placed into a folder named windows.old. Information in regards to the migration process, old vs. new mappings, and the date and time of the refresh can be found in the $SysReset folder and the specific log...

Raising Zombies in Windows: Passwords

September 13, 2012 Added by:Rob Fuller

List the tokens available with Incognito, your new user will be there, steal it and you're done. You now have the ability to use that account/domain token on any of the hosts you've compromised on the network, not just the ones they happen to have left themselves logged in...

How to Secure Windows 2000... For a Limited Time

September 07, 2012 Added by:Drayton Graham

A number of organizations are still using Windows 2000. It is up to the organization to determine the acceptable risk for continued use of Windows 2000-based systems. If Windows 2000 is a necessity at this time within your environment, here are some security techniques you can implement...

Shamoon Malware: Cyber Espionage Tool or Cyber Weapon

August 20, 2012 Added by:Pierluigi Paganini

Many hypotheses have been proposed, and some experts are convinced that Shamoon is a new state sponsored malware designed for cyber espionage that is also able to destroy the victims' device, perhaps to hide its operations by deleting evidence that can link the agents to the Command & Control servers...

ICS-CERT: Windows XP Support End of Life

July 18, 2012 Added by:Infosec Island Admin

ICS-CERT has identified three technology deployment areas to evaluate when considering the upcoming EOL of XP SP3 across ICS environments. Applications installed on Windows XP SP3 operating system builds on standard IT equipment, including engineering workstations, HMI servers, historian systems, etc...

Evidence of Compromise: Metasploit's PSEXEC

July 15, 2012 Added by:Rob Fuller

I was messing with the Windows service binaries in Metasploit and I noticed something. For the PSEXEC module, the service name (actually just the display name, 'service name' is random) always started with an uppercase 'M'. Curious as to why that was, I looked and found Line 246 of the PSEXEC module to be the culprit...

The Rise of Multi-Platform Malware

July 12, 2012 Added by:Pierluigi Paganini

Using a JAR, the malware is able to identify the OS and download the right files to infect the targeted machine. After identifying the type of operating system a unit is running, a Java class file will download the appropriate malware, with the purpose to open a backdoor to allow remote access to the machine...

Multi-Platform Backdoor Malware in the Wild

July 11, 2012 Added by:Headlines

"The JAR file checks if the user's machine is running in Windows, Mac or Linux then downloads the appropriate files... the three different platforms behave the same way. They all connect to 186.87.69.249 to get additional code to execute. The ports are 8080, 8081, and 8082 for OSX, Linux, and Windows respectively..."

Busting the Ten Biggest Computer Security Myths

May 08, 2012 Added by:Headlines

While some of the myths addressed may seem to be common sense issues, they also represent widespread misconceptions that continue to be pervasive in the information technology world today, so a reminder that these notions are bunk seems in order...

ICS-CERT: WellinTech KingView DLL Hijack Vulnerability

May 02, 2012 Added by:Infosec Island Admin

Independent researcher Carlos Mario Peñagos Hollman identified a DLL Hijack vulnerability in WellinTech’s KingView application. WellinTech has created a patch that resolves the vulnerability. Mr. Hollman has tested the patch and verified that it resolves the vulnerability...
