#Microsoft

By Deeba Ahmed The vulnerability was identified in System Integrity Protection (SIP) within the macOS ecosystem. This is a post from HackRead.com Read the original post: macOS flaw allowed attackers to install persistent, undetectable malware

By Deeba Ahmed The prime target of this malware campaign is unsuspecting users on Windows 10. This is a post from HackRead.com Read the original post: New malware lures fake Chrome update to attack Windows PCs

By Owais Sultan OSINT refers to information collected from online sources however it requires tools to do so, and here are the 10 best OSINT Tools for 2020. This is a post from HackRead.com Read the original post: Free and Best OSINT Tools 2021

Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let’s start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didn’t get there. Autodiscover leak discovered by Guardicore Labs “Autodiscover, a protocol used by Microsoft Exchange for automatic configuration of clients such as Microsoft Outlook, […]

In a previous episode on Microsoft Defender for Endpoint, I described how to get a list of antivirus engine and signatures versions for the hosts in your infrastructure using the Microsoft Graph API. But the problem remains. You know the versions that are currently installed on the hosts. But where can you get the latest […]

Hello everyone! Yet another news episode. Microsoft’s August Patch Tuesday Let’s start with Microsoft’s August Patch Tuesday. I think the most interesting thing is that it contains a fix for the PetitPotam vulnerability. I talked about this vulnerability two weeks ago. At the time, Microsoft had no plans to release a patch because PetitPotam was […]

Hello everyone! Last Week’s Security News, August 1 – August 8. Black Hat Pwnie Awards Last week was more quiet than normal with Black Hat USA and DEF CON security conferences. I would like to start with the Pwnie Awards, which are held annually at Black Hat. It’s like an Oscar or Tony in the […]

Hello everyone! Last Week’s Security News, July 26 – August 1. Serious Sam in Metasploit Last week I talked about the Serious Sam vulnerability (CVE-2021-36934), also known as HiveNightmare. The name HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files called hives. Due to mismanagement […]

The Gartner Vulnerability Management Reports are one of the few marketing reports that I try to read regularly. This started back in the days when I was working for a VM vendor doing competitive analysis. Gartner is one of the few organizations that think about Vulnerability Assessment and Vulnerability Management and clearly articulate where we […]