Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (…

Windows Server 2025 gets hotpatching option, without reboots

Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. What is hotpatching? “Hotpatching has been around for years in Windows…

Is it normal to have Sysmon detect CreateRemoteThread on a fresh and clean Windows Server installation?

A fresh Windows Server installation (20212 R2), all updates applied. Sysmon v15.15 installed. Literally nothing else was installed/added. Never started a browser, never opened a web page. Only apps used were standard utilities that come wi…

“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days

A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A downgrade attack exploiting the Windows Update process The direction of Safe…

Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

By now, most people are aware of – or have been personally affected by – the largest IT outage the world has ever witnessed, courtesy of a defective update for CrowdStrike Falcon Sensors that threw Windows hosts into a blue-screen-of-death…

PHP embedded within PNG is not executing rather rendering in IIS but executes in Apache

I am pentesting a site with all permissions. I have been able to upload a PHP shell embedded within a png image. I have also been able to change the extension of the file like something.php. So my question is when I run this file in my xam…