Microsoft Releases Patches for 3 Remaining NSA Windows Exploits

Did you know… last month’s widespread WannaCry ransomware attack forced Microsoft to release security updates against the EternalBlue SMB exploit for unsupported versions of Windows, but the company left three other Windows zero-day exploits unpatched?

For those unaware, EternalBlue is a Windows SMB flaw that was leaked by the Shadow Brokers in April and then abused by the WannaCry ransomware to

Windows XP Too Unstable To Spread WannaCry

Not a super serious article this one, but I found it very entertaining – apparently, Windows XP has a BSOD (Blue Screen of Death) when faced with a WannaCry infection. There’s a very extensive analysis of WannaCry, where this information comes from, here: WannaCry: Two Weeks and 16 Million Averted Ransoms Later. Yes, WannaCrypt can […]

Read the full post at darknet.org.uk

Newly Found Malware Uses 7 NSA Hacking Tools, Where WannaCry Uses 2

A security researcher has identified a new strain of malware that also spreads itself by exploiting flaws in the Windows SMB file-sharing protocol, but unlike the WannaCry ransomware, which uses only two leaked NSA hacking tools, it exploits all seven.

More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry

Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonging to the NSA’s elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way.

The April data dump was believed to be the most damaging release by the Shadow Brokers to date, as it publicly leaked lots of Windows

WikiLeaks Reveals ‘Athena’ CIA Spying Program Targeting All Versions of Windows

WikiLeaks has published a new batch of the ongoing Vault 7 leak, detailing a spyware framework – which “provides remote beacon and loader capabilities on target computers” – allegedly being used by the CIA that works against every version of Microsoft’s Windows operating systems, from Windows XP to Windows 10.

Dubbed Athena/Hera, the spyware has been designed to take full control over the

WannaCry Ransomware That’s Hitting World Right Now Uses NSA Windows Exploit

Update: After reading this article, if you want to know what has happened so far in the past 4 days and how to protect your computers from WannaCry, read our latest article “WannaCry Ransomware: Everything You Need To Know Immediately.”

Earlier today, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe – which is

PowerMemory – Exploit Windows Credentials In Memory

PowerMemory is a PowerShell-based tool to exploit Windows credentials present in files and memory; it leverages Microsoft-signed binaries to hack Windows. The method is totally new. It proves that it can be extremely easy to get credentials or any other i…

SessionGopher – Session Extraction Tool

SessionGopher is a PowerShell Session Extraction tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. The tool can find and decrypt saved session inf…

p0wnedShell – PowerShell Runspace Post Exploitation Toolkit

p0wnedShell is an offensive PowerShell Runspace Post Exploitation host application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a PowerShell run space environment (.NET). It has a lot of offensive…