CWA smartcard logon error 'Can’t read smart card' on client with SIM card

There is a client with 2 smart cards . A physical smart card and an integrated eSIM . When CWA Windows tries to autenticate with smartcard the user gets an error that says "Can't read smart card. Please contact your IT administrator" . If we remove the SIM card from the client , the authenticatio...

CVE-2023-28596

Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root...

Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

This month, Microsoft has been recognized by Gartner® as a Leader in the 2022 Magic Quadrant for Unified Endpoint Management UEM Tools. This blog post outlines the “so what” for IT leaders, and why we believe this Gartner analysis deserves your focus right now. As you see in the Magic Quadrant in...

CVE-2022-23720

PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID...

CVE-2022-23720

PingID Windows Login prior to 2.8 is vulnerable when provisioned with the full permissions PingID properties file, allowing administrator-privileged API credentials to be deployed to Windows Login user endpoints. This misprovisioning can enable an attacker to perform administrative actions agains...

CVE-2022-23720 PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file

PingID Windows Login prior to 2.8 does not alert or halt operation if it has been provisioned with the full permissions PingID properties file. An IT administrator could mistakenly deploy administrator privileged PingID API credentials, such as those typically used by PingFederate, into PingID...

Establishing a Baseline for Remote Desktop Protocol

For IT staff and Windows power users, Microsoft Terminal Services Remote Desktop Protocol RDP is a beneficial tool that allows for the interactive.aspx use or administration of a remote Windows system. However, Mandiant consultants have also observed threat actors using RDP, with compromised doma...

Why you can’t update it all at once?

It’s the second part of our talk with Daniil Svetlov at his radio show “Safe Environment” recorded 29.03.2017. In this part we talk about vulnerabilities in Linux and proprietary software, problems of patch an vulnerability management, and mention some related compliance requirements. Video with...

Two factor Authentication

As a company IT administrator of our company I want that all users authenticate to bamboo in two steps username password & app or sms. So that I'm always sure that a employee of our company logs in bamboo instead of a hacker. This makes even my infrastructure more secure...

Novell NetIQ Privileged User Manager Security Bypass

Added: 12/03/2012 BID: 56539 OSVDB: 87334 Background Novell NetIQ Privileged User Manager NPUM allows IT administrators to work on systems without exposing superuser administrator or supervisor passwords or root-account credentials to the administrator. Problem NetIQ Privileged User Manager 2.3.1...

Lessons to learn from the HBGary Federal hack !

The Anonymous attack on HBGary may have amused some who enjoyed the sight of a security firm left embarrassed and exposed, but it should send a shiver down the spine of any IT administrator responsible for securing their own company. Because can you honestly put your hand on your heart and say a...