We’re excited to announce a draft of CIS Microsoft Windows 10 Stand-alone Benchmark v1.0.0 for all versions of Windows 10.
Monthly Archives: August 2022
Drone Deliveries into Prisons
T-Mobile Retailer Guilty of $25m Fraud Scheme
Tips to prevent RDP and other remote attacks on Microsoft networks
One long-favored way that ransomware enters your system is through attacks on Microsoft’s Remote Desktop Protocol (RDP). Years ago, when we used Microsoft’s Terminal Services (from which RDP evolved) for shared remote access inside or outside of an office, attackers would use a tool called TSGrinder. It would first review a network for Terminal Services traffic on port 3389. Then attackers would use tools to guess the password to gain network access. They would go after administrator accounts first. Even if we changed the administrator account name or moved the Terminal Services protocol to another port, attackers would often sniff the TCP/IP traffic and identify the port it had been moved to.
Tory Leadership Voting Delayed Over Security Concerns
DDoS Attacks Pepper Taiwanese Government Sites
ZDI-22-1039: (Pwn2Own) ICONICS GENESIS64 TDFX File Parsing Exposed Dangerous Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1040: (Pwn2Own) ICONICS GENESIS64 ColorPaletteEntry Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1041: (Pwn2Own) ICONICS GENESIS64 genbroker64 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. Authentication is not required to exploit this vulnerability.
ZDI-22-1042: ICONICS GENESIS64 colorpalletes Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of ICONICS GENESIS64. Authentication is not required to exploit this vulnerability.