14 matches found
EUVD-2025-16110
Malicious code in bioql PyPI...
CVE-2025-3836
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report...
CVE-2025-3836
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report...
CVE-2025-3836
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report...
CVE-2025-3836 SQL Injection
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report...
CVE-2025-3836
CVE-2025-3836 affects Zohocorp ManageEngine ADAudit Plus versions 8.5.10 and earlier, with an authenticated SQL injection in the logon events aggregate report. The root cause is an injection vulnerability exploitable by an authenticated user when accessing the logon events aggregate report. The i...
April 11, 2025—KB5058919 (OS Builds 22621.5192 and 22631.5192) Out-of-band
April 11, 2025—KB5058919 OS Builds 22621.5192 and 22631.5192 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, version 23H2, see its update history page. Follow @WindowsUpdate to find...
April 11, 2025—KB5058922 (OS Build 17763.7240) Out-of-band
April 11, 2025—KB5058922 OS Build 17763.7240 Out-of-band Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we...
April 11, 2025—KB5058921 (OS Build 14393.7973) Out-of-band
April 11, 2025—KB5058921 OS Build 14393.7973 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1607, see its update history page. Important Windows updates d...
CVAD II Unable to connect to Database from DDC and getting an error "reenter controller address"
Re-enter controller address on DDC error on sql : SSPI Handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed You will be able to find the authentication failures/logon...
SharpSniper - Find Specific Users In Active Directory Via Their Username And Logon IP Address
Often a Red Team engagement is more than just achieving Domain Admin. Some clients will want to see if specific users in the domain can be compromised, for example the CEO. SharpSniper is a simple tool to find the IP address of these users so that you can target their box. It requires that you ha...
Excelerating Analysis, Part 2 — X[LOOKUP] Gon’ Pivot To Ya
In December 2019, we published a blog post on augmenting analysis using Microsoft Excel for various data sets for incident response investigations. As we described, investigations often include custom or proprietary log formats and miscellaneous, non-traditional forensic artifacts. There are, of...
August 15, 2017—KB4034663 (Preview of Monthly Rollup)
August 15, 2017—KB4034663 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4034681 released August 8, 2017 and also includes these new quality improvements as a preview of the next Monthly Rollup update: This package...
August 8, 2017—KB4034668 (OS Build 10240.17533)
August 8, 2017—KB4034668 OS Build 10240.17533 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where some of the event data for user logon events ID 4624 from Domain...