TL;DR — Stop Using Network Access Accounts!
If a Windows machine has ever been an SCCM client, there may be credential blobs for the network access account (NAA) on disk.
If an Active Directory account has ever been configured as an NAA, there may be c…
Tag: Windows
Exploits, Global Security News
Operating Systems Can be Detected Using Ping Command
by GURUBARAN S •
Operating systems can be detected using the ping command. Ping is a computer network administration software utility used to find the availability of a host on an Internet Protocol (IP) network. Ping operates by sending Internet Control Message Prot…
Europe, Global Security News, North America, Vulnerabilities
NSA Wants To Help you Lock Down MS Windows in PowerShell
by Richi Jennings •
A new cheatsheet from four infosec agencies tells us how to use PowerShell for good, rather than let scrotes misuse it to “live off the land.”
The post NSA Wants To Help you Lock Down MS Windows in PowerShell appeared first on Security Boulevard.
Europe, Global Security News, North America
Patch Tuesday Made Easy With JumpCloud Patch Management
by Joranna Ng •
Check out what Microsoft released on Patch Tuesday, June 14th, 2022. The updates primarily address OS security issues.
The post Patch Tuesday Made Easy With JumpCloud Patch Management appeared first on JumpCloud.
Global Security News, North America
Microsoft fixes Follina and 55 other CVEs
by Zeljka Zorz •
June 2022 Patch Tuesday has been marked by Microsoft with the release of fixes for 55 new CVEs, as well as security updates that fix Follina (CVE-2022-30190), the Microsoft Windows Support Diagnostic Tool (MSDT) RCE that is being widely exploited by at…
Uncategorized
DogWalk zero-day Windows bug receives patch – but not from Microsoft
by Graham Cluley •
A Windows zero-day vulnerability dubbed “DogWalk” has not received an official patch yet from Microsoft, but that hasn’t stopped others from offering free fixes to protect users.
Read more in my article on the Hot for Security blog.
Global Security News, North America
Qbot – known channel for ransomware – delivered via phishing and Follina exploit
by Zeljka Zorz •
More than a week has passed since Microsoft acknowledged the existence of the “Follina” vulnerability (CVE-2022-30190), after reports of it being exploited in the wild began to crop up here and there. Since then, other state-backed threat a…
Security Bloggers, Security Vendor News
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022
by Andrew Swoboda •
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also …
Global Security News, North America
Attackers are leveraging Follina. What can you do?
by Zeljka Zorz •
As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a variety of campaigns. A complex vulnerability Microsoft has described CVE-2022-301…
Security Vendor News
Yet another zero-day (sort of) in Windows “search URL” handling
by Paul Ducklin •
More trouble with special-purpose URLs on Windows.
Global Security News, North America
Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)
by Zeljka Zorz •
A newly numbered Windows zero-day vulnerability (CVE-2022-30190) is being exploited in the wild via specially crafted Office documents (without macros), security researchers are warning. After initially dismissing the vulnerability as “not a secu…
Security Vendor News
Microsoft patches the Patch Tuesday patch that broke authentication
by Paul Ducklin •
Remember the good old days when security patches rarely needed patches? Because security patches themselves were rare enough anyway?
Europe, Global Security News, North America
Accessing File Shares on AD-Connected Windows File Servers the Easy Way
by David Worthington •
Use a map network drive command to keep your File Servers and transition from Active Directory to JumpCloud.
The post Accessing File Shares on AD-Connected Windows File Servers the Easy Way appeared first on JumpCloud.
Global Security News, North America
Meteoric attack deploys Quantum ransomware in mere hours
by Zeljka Zorz •
A group wielding the Quantum Locker ransomware is hitting targets in a blitzkrieg-like manner, going from initial compromise to domain-wide deployment and execution in under four hours, researchers with The DFIR Report are warning. The Quantum ransomwar…
Global IT News
Hashtag Trending April 19 – Senator questions Intuit; Windows toolbox malware; and U.S. military prints barracks
by Samira Balsara •
Elizabeth Warren slams Intuit for misleading tax filers, a popular windows toolbox script is actually malware, and the U.S. military contracts a 3D printing company to build training facilities.
The post Hashtag Trending April 19 – Senator questions Intuit; Windows toolbox malware; and U.S. military prints barracks first appeared on IT World Canada.
Global Security News, North America
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
by Zeljka Zorz •
Three days have passed since Microsoft’s latest Patch Tuesday, and CVE-2022-26809 has emerged as the vulnerability with the most exploitation potential. It’s easy to see why: it may be exploited by unauthenticated, remote attackers to breac…
Global Security News, North America
Windows Autopatch: Managed enterprise patching for Windows and Office
by Zeljka Zorz •
While IT administrators are mentally preparing themselves for yet another Patch Tuesday, Microsoft has announced Windows Autopatch: a new service that aims to make the second Tuesday of every month “just another Tuesday.” About Windows Autopat…
Global Security News, North America
April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
by Help Net Security •
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical update for Microsoft Exchange Server. Could April Patch Tuesday provide the deluge…
Security Bloggers, Security Vendor News
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of March 14, 2022
by Dylan D'Silva •
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 14, 2022. I’ve als…
Global IT News
Hashtag Trending March 16 – Windows 11 ads; Arm layoff; Israeli government DDoS
by Samira Balsara •
The post Hashtag Trending March 16 – Windows 11 ads; Arm layoff; Israeli government DDoS first appeared on IT World Canada.
Security Vendor News
Apple patches 87 security holes – from iPhones and Macs to Windows
by Paul Ducklin •
Lots of fixes, with data leakage flaws and code execution bugs patched on iPhones, Macs and even Windows.
Global IT News
Hashtag Trending March 11 – Google’s anti-harassment tool; Tinder background check; Tabs in file explorer
by Samira Balsara •
Files from Tom Li. Google releases an anti-harassment tool for journalists, Tinder rolls out a new background check feature, and Windows 11 will finally have tabs in File Explorer. That’s all the tech news that’s trending right now, welcome to Hashtag Trending! It’s Friday, March 11th, and I’m your host, Samira Balsara. Google is […]
The post Hashtag Trending March 11 – Google’s anti-harassment tool; Tinder background check; Tabs in file explorer first appeared on IT World Canada.
Global Security News, North America
How to empower IT Sec and Ops teams to anticipate and resolve IT problems
by Zeljka Zorz •
Every IT system administrator knows the misery of facing a problem for which the root cause requires hours (and sometimes days) to unearth, all the while part of the IT infrastructure entrusted to them is unavailable to users, open to attack, or not co…
Europe, Global Security News, North America
Change Doesn’t Have to be Hard
by Pam Lefkowitz •
The secret of change is to focus all of your energy not on fighting the old, but on building the new. –Socrates
The post Change Doesn’t Have to be Hard appeared first on JumpCloud.
The post Change Doesn’t Have to be Hard appeared first on Security Bo…
Security Bloggers, Security Vendor News
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of February 7, 2022
by Andrew Swoboda •
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 7, 2022. I…
Global Security News, North America
Jetico BCWipe Privacy Guard empowers users to disable Microsoft’s default tracking features
by Industry News •
Jetico released BCWipe Privacy Guard, which brings together all Windows privacy settings and empowers users to disable Microsoft’s default tracking features with one click, including activity tracking, location tracking, and targeted advertising. Following…
Security Vendor News
Microsoft blocks web installation of its own App Installer files
by Paul Ducklin •
It’s a big deal when a vendor decides to block one of its own “features” for security reasons. Here’s why we think it’s a good idea.
Global Security News, North America
February 2022 Patch Tuesday forecast: A rough start for 2022
by Help Net Security •
January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates for Windows Server 2012, 2019, and 2022, as well as Windows 10 and 11. There …
Security Vendor News
S3 Ep66: Cybercrime busts, wormable Windows, and the crisis of featuritis [Podcast + Transcript]
by Paul Ducklin •
Latest episode – listen now!
Europe, Global Security News, North America
Why I Ditched Domain Controllers
by David Worthington •
Don’t buy a new server … you’ll save a lot of money, and you’ll get more out of JumpCloud.
The post Why I Ditched Domain Controllers appeared first on JumpCloud.
The post Why I Ditched Domain Controllers appeared first on Security Boulevard.
Global Security News, North America
Delivering vulnerable signed kernel drivers remains popular among attackers
by Help Net Security •
ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to circumvent anti-cheat mechanisms, but they have also been observed being used by sever…
Global Security News, North America
A new multi-platform backdoor is leveraged by an advanced threat actor
by Zeljka Zorz •
A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. “In the Linux and macOS versions, it masquerades as a system update. In the Windows version, it masquerades as Intel drivers. The upd…
Europe, Global Security News, North America
Domainless Access to MS SQL Server Tutorial
by David Worthington •
Enable remote users to work with MS SQL Server over a VPN without using a domain controller or passing credentials over the web.
The post Domainless Access to MS SQL Server Tutorial appeared first on JumpCloud.
Global Security News, North America
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
by Zeljka Zorz •
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to deliver Emotet/Trickbot/Bazaloader malware family. Vulnerabilities of note in…
Global Security News, North America
Microsoft vulnerabilities have grave implications for organizations of all sizes
by Help Net Security •
Microsoft software products are a connective tissue of many organizations, from online documents (creating, sharing, storing), to email and calendaring, to the operating systems that enable business operations on the front and back ends, both in the cl…
Europe, Global Security News, North America
Use Windows File Sharing Within a Domainless Environment
by David Worthington •
Keep Windows File Sharing without a domain controller using JumpCloud and Integrated Windows Authentication.
The post Use Windows File Sharing Within a Domainless Environment appeared first on JumpCloud.
Europe, Global Security News, North America
Windows File Sharing Without a Domain Controller Using JumpCloud
by David Worthington •
This tutorial outlines steps for domainless Windows file sharing for small teams who only need to grant access to a handful of end users.
The post Windows File Sharing Without a Domain Controller Using JumpCloud appeared first on JumpCloud.
Europe, Global Security News, North America
Your Security Operations Cheat Sheet for Windows and Linux Logs (And How to Tie Them to the MITRE ATT&CK Framework)
by Dan Kaplan •
Within the security operations center, visibility is everything. Being aware of the details of users, assets, known threats, and specific…
The post Your Security Operations Cheat Sheet for Windows and Linux Logs (And How to Tie Them to the MITRE ATT&…
Global Security News, North America
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
by Zeljka Zorz •
A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged b…
Security Vendor News
Patch Tuesday updates the Win 7 updater… for at most 1 more year of updates
by Paul Ducklin •
The clock stopped long ago on Windows 7, except for those who paid for overtime. But there won’t be any double overtime!