PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution vulnerability that can be exploited …
Heading into October Patch Tuesday on the heels of big announcements from Microsoft
October is here and Patch Tuesday is next week, followed quickly by Halloween. Don’t be scared (unless you are a Facebook user)! The winds of change are blowing this fall …
Most enterprises now running Windows 10, security hygiene no longer optional
Security is galvanizing around the move to Windows 10, the operating system that the majority of companies now run in their organizations, according to the 2018 Enterprise …
September 2018 Patch Tuesday: Microsoft fixes actively exploited zero-day
Microsoft’s September 2018 Patch Tuesday has brought fixes for a little over 60 security vulnerabilities, 17 of which are critical and one is being actively exploited in …
Cybersecurity as catalyst for greater adoption of agile development
Agile development increases the output of software development projects by using a faster, more iterative engineering process. This pace also allows rapid course correction, …
September Patch Tuesday forecast: Evaluate third-party updates alongside Microsoft release
There’s some good and some bad news for the Patch Tuesday forecast this month. The good news is a number of vendors have just released last week, clearing the slate for what …
0patch releases micropatch for Windows Task Scheduler zero-day
Earlier this week a security researcher that goes by “SandboxEscaper” published details and a PoC exploit for a zero-day local privilege escalation vulnerability …
Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
August Patch Tuesday forecast: Looking ahead after a frustrating July
Approaching August Patch Tuesday, we are supposed to be in the ‘dog days’ of summer where everything slows down. Unfortunately, July was full of CVEs and stability fixes with …
Access to airport’s security system sold on dark web
Leveraging compromised RDP credentials is one of the easiest ways attackers can break into company networks and systems. Unfortunately for all of us, there are a lot of …
Is Windows ShimCache a threat hunting goldmine?
Enterprise-wide threat hunting sounds like a daunting task and for inexperienced forensic analysts it certainly can be. However, there are various techniques that can be used …
July 2018 Patch Tuesday forecast: The fireworks and the finale
Patch management is kind of like fireworks around the fourth of July. Momentary excitement with lulls that repeat several times until the culminate in a finale! Well there are …