Toughen Up Your AD

Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern ...
Why Most Organizations Still Can’t Defend against DCShadow – Part 2

Why Most Organizations Still Can’t Defend against DCShadow – Part 2

In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you ...
DCShadow Blog - Adding Domain Admin SID

Why Most Organizations Still Can’t Defend against DCShadow

DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary ...

NSA sounds the alarm on BlueKeep: Windows vulnerability opens the door for the next WannaCry

It’s been just over two years since WannaCry, the ransomware that exploited the EternalBlue vulnerability to infect hundreds of thousands of computers around the world and inflict an estimated $8B in damages ...
hackers

Wi-Fi Chip Firmware Flaws Enable Over-the-Air Hacking

Editor’s Note: This post was updated Jan. 29 to include a statement from Marvell Wi-Fi chips used in several gaming consoles, Chromebooks, streaming boxes, routers and other types of devices have several ...
Security Boulevard
Windows VCF Zero-Day Exploit Allows Remote Code Execution

Windows VCF Zero-Day Exploit Allows Remote Code Execution

A new unpatched vulnerability in Windows has been disclosed along with proof-of-concept exploit code. It could allow hackers to more easily install malware on computers, but it requires user interaction. The vulnerability ...
Security Boulevard
Muhstik

New Windows Zero-day Bug Allows Deleting Arbitrary Files

A security researcher released exploit code for an unpatched bug in Windows that could allow an attacker with limited privileges to delete system files. Exploiting the bug requires winning a race condition ...
Security Boulevard
Fileless Malware Rapid Expansion

Researcher Drops Third Windows Zero-Day Exploit in Four Months

A security researcher who uses the online handle SandboxEscaper has published proof-of-concept exploit code for an unpatched vulnerability in Windows. The flaw is located in the “MsiAdvertiseProduct” function, which, according to Microsoft’s ...
Security Boulevard
Best Practices for Data Security

New Windows Zero-Day Flaw Dropped on Twitter

A new vulnerability affecting Windows 10 has been disclosed on Twitter before being patched and it allows attackers to delete system files or to replace sensitive libraries. The vulnerability is located in ...
Security Boulevard
China Gifts African Union

Hackers Replace MEGA Chrome Extension with Trojanized Version

Users of the Mega.nz file hosting and sharing service were targeted through a supply chain attack in which hackers replaced the company’s official Chrome extension with a malicious version. The attack happened ...
Security Boulevard
Loading...