Microsoft Windows PowerShell Command Execution Exploit

Microsoft Windows PowerShell Command Execution Exploit + Credits: John Page aka hyp3rlinx Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell is a Windows command-line shell designed especially for system administrators. PowerShell includes an interactive prompt and a scripting...

Microsoft Windows PowerShell Command Execution

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt + ISR: Apparition Security Vendor www.microsoft.com Product Windows PowerShell Windows PowerShell is a...

EternalBlue Exploit Used in Retefe Banking Trojan Campaign

Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers a...

Guidance EnCase Enterprise uses weak authentication to identify target machines

Overview Guidance Software's EnCase Enterprise uses IP authentication to identify target machines. An attacker may be able to provide the EnCase SAFE server with a disk image from a different machine than an investigator requested. Description Guidance Software's EnCase Enterprise allows...