Collaborate Disseminate
I recently discovered that on one of my PCs the SolarWinds software was installed.
I didn’t install this software on my machine.
I also saw that SolarWinds was cracked by Russian hackers and also companies like Microsoft have a lot of data… Continue reading Can a hacker install known-vulnerable software on a machine in order to control the PC and elude antivirus?
The high and low-trust devices themselves are separated by VLANs, however they both need to be connected to an Active Directory. The only way for the low-trust VLAN to access the high-trust VLAN would be through the Windows Server. Therefo… Continue reading Should one Windows Server serve both high and low trust devices?
There was quite a lot of talk two years ago about vulnerabilities discovered in hardware encryption on SSDs that allowed attackers to bypass the encryption and get to the data on them. I can find very little recent discussion on this, exce… Continue reading How safe is hardware encryption on newer SSDs? [closed]
I want a list of vulnerabilities that occur due to constant values and getting fixed by changing those values.
For example CVE-2018-7329 where vulnerability got fixed by changing the value of i=1 to i=0 and boundary condition.
Continue reading What are list of vulnerabilities that occur due to constant values [closed]
I found this version of ASP .NET in the header Server as a response from a web server. How can I verify if this version has still an active support or it is ended? On the microsoft website I can’t find official info on this specific versio… Continue reading ASP .NET 2.0.50727 in the server response header. How to be sure is EOL?
Society relies so heavily on technology that the number of internet connected devices used globally is predicted to grow to 55.9 billion by 2025. Many of these devices span parts of Industrial Control Systems (ICS) that impact the physical world, assist us in our daily lives at home and monitor and automate everything from energy […]
The post New Vulnerability Could Put IoT Devices at Risk appeared first on Security Intelligence.
Continue reading New Vulnerability Could Put IoT Devices at Risk
AWS servers come installed with Ghostscript 8.70
Ghostscript seems to be unsafe, allowing code execution via PDF file conversion.
When the reports says vulnerabilities concerns the 9.24 and previous versions, does this mean 9.00 to 9.24 o… Continue reading Ghostscript <= 9.24 have critical security issues, does this apply to 8.XX versions?
This is an old 802.11w issue that has been documented and it’s a very big issue as clients can be selectively attacked and enter a deadlock, where only disabling and re-enabling wifi solves the issue (in fact I’m currently experiencing the… Continue reading As of 2020, is there any fix for 802.11w deadlock?
There are some reasons that many old versions of different OS’s are in use, (Free BSD, Solaris, Linux, Unix, Windows Server, Windows workstation, DOS, …).
Sometimes we had to use that old operation system because it is mandatory and some… Continue reading How to protect an unsupported OS that I am forced to use?
How would you investigate if CVE-2020-0796 (Windows SMBv3 Client/Server Remote Code Execution Vulnerability) has been exploited by an attacker or not?
Continue reading How would you investigate if CoronaBlue has been exploited by an attacker or not?