March 2020 Patch Tuesday – 115 Vulns, 26 Critical, Microsoft Word and Workstation Patches

This month’s Microsoft Patch Tuesday addresses 115 vulnerabilities with 26 of them labeled as Critical. Of the 26 Critical vulns, 17 are for browser and scripting engines, 4 are for Media Foundation, ...
Top 9 Windows Server Roles and their Alternatives

Top 9 Windows Server Roles and their Alternatives

| | Windows
Windows Server provides much in terms of functionality to an organization. Here are the top 9 roles it serves, as well as alternatives to them. The post Top 9 Windows Server Roles ...
EH-Net - Osanda - WMI 101 for Pentesters

WMI 101 for Pentesters

PowerShell has gained popularity with SysAdmins and for good reason. It’s on every Windows machine (and now some Linux machines as well), has capabilities to interact with almost every service on every ...

February 2020 Patch Tuesday – 99 Vulns, 12 Critical, Patch for IE 0-Day, Exchange Vuln, Adobe Vulns

This month’s Microsoft Patch Tuesday addresses 99 vulnerabilities with 12 of them labeled as Critical. Of the 12 Critical vulns, 7 are for browser and scripting engines, 2 are for Remote Desktop ...
Safeguard Windows RDP Ports with MFA

Safeguard Windows RDP Ports with MFA

In order to deal with brute-force attacks on RDP within Windows, IT organizations need to enforce MFA. Here’s how to do so with the cloud. The post Safeguard Windows RDP Ports with ...

Critical Windows Vulnerability, Dating App Security Risk, Apple iOS Privacy Features

In episode 104 for January 20th 2020: Details on the new critical Microsoft Windows vulnerability, why dating apps could pose a national security risk, and how new Apple privacy features are changing ...

Patch or Mitigate Dangerous Microsoft Windows CryptoAPI Spoofing Vulnerability ASAP

Qualys is a sponsor of TechSpective Microsoft kicked off the new decade with a bang. Last Tuesday was the first Microsoft Patch Tuesday of 2020, and one of the patches pushed out ...
Graphic: Image illustrating an exploit of a Windows CryptoAPI vulnerability using a spoofed digital certificate. image source: https://twitter.com/saleemrash1d/status/1217519809732259840/photo/1

NSA: Microsoft Releases Patch to Fix Latest Windows 10 Vulnerability

NSA discloses a Windows security flaw that leaves more than 900 million devices vulnerable to spoofed digital certificates The National Security Agency (NSA) isn’t exactly known for wanting to share... The post ...

Critical Windows Vulnerability Discovered by NSA

Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates ...
patch

Patch Tuesday Panic: ‘Extraordinarily Serious’ Bug in CryptoAPI

Today’s Windows patch batch will contain a fix for a big, huge, nasty, critical encryption bug ...
Security Boulevard