3059 matches found
Cybersecurity agencies: You don’t have to delete PowerShell to secure it
Microsofts PowerShell is a useful, flexible tool that is as popular with criminals as it is with admins. Cybercrooks like it becasue PowerShell is powerful, available almost everywhere, and doesnt look out of place running on a company network. In most places it isnt practical to block PowerShell...
June 23, 2022—KB5014665 (OS Build 20348.803) Preview
June 23, 2022—KB5014665 OS Build 20348.803 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...
Keeping PowerShell: Measures to Use and Embrace
Cybersecurity authorities from the United States, New Zealand, and the United Kingdom have released a joint Cybersecurity Information Sheet CIS on PowerShell. The CIS provides recommendations for proper configuration and monitoring of PowerShell, as opposed to removing or disabling it entirely du...
EulerOS 2.0 SP8 : git (EulerOS-SA-2022-1929)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where...
CVE-2022-32973
An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges...
CVE-2022-32973
An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges...
CVE-2022-32973
An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges...
Design/Logic Flaw
An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges...
CVE-2022-32973
An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges...
CVE-2022-32973
CVE-2022-32973 affects Nessus Agent prior to 8.3.4 or 10.x prior to 10.1.4. An authenticated attacker could create a custom audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. This is documented in Nessus/TNS advisories (e.g., TNS-2022-17) and li...
PT-2022-21616 · Microsoft +1 · Powershell +1
Name of the Vulnerable Software and Affected Versions: PowerShell affected versions not specified Description: An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. Recommendations: At the moment, there is ...
Marval MSM 14.19.0.12476 Remote Code Execution
Exploit Title: Marval MSM v14.19.0.12476 - Remote Code Execution RCE Authenticated Date: 27/5/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://www.marvalnorthamerica.com/ Software Link: https://www.marvalnorthamerica.com/ Version: v14.19.0.12476 Tested on: Windows Detailed...
PVS Wizard fails to connect to Cloud
In the process of using a PVS Wizard, after entering your credentials to connect to Citrix Cloud, you might see this error: "Cannot connect to the Citrix Virtual Desktops Controller at : Citrix Virtual Desktops FullAdmin or MachineAdmin permission required." Following the below steps 1. If Remote...
A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage
A "dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive. The cloud ransomware attack makes it possible to launch file-encryptin...
[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities
R1 Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 06/15/2022 - 12:36 Custom audit files bring tremendous power and flexibility when assessing the configuration of your assets. Two separate vulnerabilities that utilize this custom Audit functionality were identified,...
Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability
Microsoft finally released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in...
Gshell - A Flexible And Scalable Cross-Plaform Shell Generator Tool
A simple yet flexible cross-platform shell generator tool. Name: GGreat Shell Description: A cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation. If you find this tool helpful, then please give me a...
Detect the Follina MSDT Vulnerability (CVE-2022-30190) with Qualys Multi-Vector EDR & Context XDR
A new remote code execution vulnerability called “Follina” has been found lurking in most Microsoft products. In this blog, we examine a potential attack vector as well as technical details of Follina, and chart the ability to detect this new vulnerability using both Qualys Multi-Vector EDR and...
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
Executive Summary On June 14, 2022, Intel published information about a class of memory-mapped I/O vulnerabilities known as Processor MMIO Stale Data Vulnerabilities. An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In...
Microsoft Windows 日志信息泄露漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A log information disclosure vulnerability exists in Microsoft Windows PowerShell. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10...