Windows zero-day flaw and PoC unveiled via Twitter
A Windows zero-day local privilege escalation flaw and a Proof-of-Concept exploit for it have been revealed on Monday by someone who goes by SandboxEscaper on Twitter. The …
August Patch Tuesday forecast: Looking ahead after a frustrating July
Approaching August Patch Tuesday, we are supposed to be in the ‘dog days’ of summer where everything slows down. Unfortunately, July was full of CVEs and stability fixes with …
Access to airport’s security system sold on dark web
Leveraging compromised RDP credentials is one of the easiest ways attackers can break into company networks and systems. Unfortunately for all of us, there are a lot of …
Is Windows ShimCache a threat hunting goldmine?
Enterprise-wide threat hunting sounds like a daunting task and for inexperienced forensic analysts it certainly can be. However, there are various techniques that can be used …
July 2018 Patch Tuesday forecast: The fireworks and the finale
Patch management is kind of like fireworks around the fourth of July. Momentary excitement with lulls that repeat several times until the culminate in a finale! Well there are …
May 2018 Patch Tuesday forecast: Where are the flowers?
The wintry weather doesn’t want to give up its hold on us here in the US. The extended cold has kept the spring flowers from blooming, dragging out the winter blues. It …
AMD users running Windows 10 get their Spectre fix
AMD has released new microcode updates for mitigating variant 2 of the Spectre attack and Microsoft has released an OS update with the mitigation to AMD users running Windows …
April Patch Tuesday forecast: Expect updates for Adobe Flash, others
Springtime is here! Although up here in Minnesota you wouldn’t believe it as we received snowfalls that rivaled anything in the past 34 years! As spring arrives you think of …
Dangerous CredSSP flaw opens door into corporate servers
A critical vulnerability in the Credential Security Support Provider protocol (CredSSP), introduced in Windows Vista and used in all Windows versions since then, can be …
March Patch Tuesday forecast: In like a lamb, out like a lion
It’s March and up here in the Midwest we have a saying for this early spring month, “In like a lamb, out like a lion.” Often the month of March comes with a …
Locked Windows machines can be compromised through Cortana
Compromising locked Windows computers that have the Cortana voice-activated virtual assistant enabled is relatively easy – or it was until Microsoft made a simple tweak. …
Cryptocurrency-stealing malware relies on victims copy-pasting wallet info
An unconventional email spam campaign has been delivering unusual cryptocurrency-stealing malware to American and Japanese users. The emails are sporting “Re: …