CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'...

CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'...

Remote code execution

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'...

CVE-2019-1373

CVE-2019-1373 is a remote code execution vulnerability in Microsoft Exchange Server caused by deserialization of metadata via PowerShell. The issue affects Exchange servers and can be exploited by an attacker who can run PowerShell cmdlets against the server; the exact required privileges are not...

CVE-2019-1373

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'...

Microsoft Exchange Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the logged in user. Exploitation of this vulnerability requires that a use...

FUDForum 3.0.9 Code Execution / Cross Site Scripting

// Exploit Title : FUDForum 3.0.9 - Stored XSS / Remote Code Execution // Date : 10/26/19 // Exploit Author : liquidsky JMcPeters // Vulnerable Software : FUDForum 3.0.9 // Vendor Homepage : https://sourceforge.net/projects/fudforum/ // Version : 3.0.9 // Software Link :...

Adaudit - Powershell Script To Do Domain Auditing Automation

PowerShell Script to perform a quick AD audit | | \ | | | || | | | | | | | | | . | | | |||/ ||||||| by phillips321 If you have any decent powershell one liners that could be used in the script please let me know. I'm trying to keep this script as a single file with no requirements on external too...

Microsoft works with researchers to detect and protect against new RDP exploits

On November 2, 2019, security researcher Kevin Beaumont reported that his BlueKeep honeypot experienced crashes and was likely being exploited. Microsoft security researchers collaborated with Beaumont as well as another researcher, Marcus Hutchins, to investigate and analyze the crashes and...

Persistence – PowerShell Profile

PowerShell profile is a PowerShell script which enables system administrators and users to customize their environment and to execute specific commands when a PowerShell session initiates. It is similar to logon scripts that are used heavily by Administrators to map network drives and printers fo...

Persistence – BITS Jobs

Windows operating systems contain various utilities which can be used by system administrators to perform various tasks. One of these utilities is the Background Intelligent Transfer Service BITS which can facilitate file transfer capability to web servers HTTP and share folders SMB. Microsoft...

PSKernel-Primitives

This repository, zdiskless/PSKernel-Primitives, is a collection of PowerShell primitives for exploitation. The code includes various functions for generating shellcode, allocating memory, and interacting with the Windows kernel. The functions in this repository are designed to be used in...

CVE-2018-16859

Execution of Ansible content on Microsoft's Windows platform with Powershell 5 or higher may disclose sensitive execution details including 'become' passwords, Ansible module arguments, and return values via Powershell's 'suspicious scriptblock logging' feature, which is enabled by default. The...

Azure File Sync Agent v8 Release – October 2019

Azure File Sync Agent v8 Release – October 2019 Introduction This article describes the improvements and issues that are fixed in the Azure File Sync Agent v8 release that is dated October 2019. Additionally, this article contains installation instructions for the update. Improvements and issues...

Azure File Sync Agent v7 Release – June 2019

Azure File Sync Agent v7 Release – June 2019 Introduction This article describes the improvements and issues that are fixed in the Azure File Sync Agent v7 release that is dated June 2019. Additionally, this article contains installation instructions for the update. Improvements and issues that a...

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation

CheckPoint Endpoint Security ClientZoneAlarm 15.4.062.17802 - Privilege Escalation Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Poin...

CheckPoint Endpoint Security Client / ZoneAlarm Privilege Escalation

Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm =...

Microsoft Blacklists Dozens of New File Extensions in Outlook

Microsoft is banning almost 40 new types of file extensions on its Outlook email platform. The aim is to protect email users from what it deems “at-risk” file attachments, which are typically sent with malicious scripts or executables. The move will prevent users from downloading email attachment...

Microsoft Warns of a New Rare Fileless Malware Hijacking Windows Computers

Watch out Windows users! There's a new strain of malware making rounds on the Internet that has already infected thousands of computers worldwide and most likely, your antivirus program would not be able to detect it. Why? That's because, first, it's an advanced fileless malware and second, it...

Thousands of PCs Affected by Nodersok/Divergent Malware

New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe and turns systems into proxies for performing malicious activity, the companies said. The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own...