Today Microsoft accidentally leaked info about a new wormable vulnerability (CVE-2020-0796) in the Microsoft Server Message Block (SMB) protocol. Today Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol. The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server […]
Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign, let’s see how to steal windows credentials with specially crafted PDF files. Weaponized documents are the main ingredient for almost any spam and spear-phishing campaign. Weaponized PDF files can be used by threat actors to steal Windows credentials, precisely the associated NTLM […]
Microsoft has announced that the SMBv1 SMBloris bug described at DEF CON won’t be patched because it could be fixed simply blocking incoming connections. Recently security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they called SMBloris (a nod to the Slowloris DoS attack.), they presented their findings at the recent DEF CON hacker […]
Security researchers at RiskSense have identified a 20-year-old Windows SMB vulnerability they are calling SMBloris, a DEF CON Talk Will Expose it. Server Message Block (SMB) has been a foundational piece of Microsoft Windows’ networking all the way back to the LAN Manager days, facilitating “shared access to files, printers and serial ports.” It is […]
A study conducted by the security firm Rapid7 revealed that millions of devices remain exposed to cyber attacks via SMB, Telnet, RDP, and other types of improper configurations. Rapid7 published the second report National Exposure Index that provides Internet service providers (ISPs) worldwide information about the global exposure of devices. The researchers scanned the Internet for improperly configured services, […]
The US-CERT issued a security advisory to warn of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited by a remote attacker. The US-CERT is warning of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited to cause a denial of service condition or […]