Information Security in Today's Digital Culture
Header
printer1

The first time I compromised a Windows domain using this printer misconfiguration my jaw dropped to the floor. I had to walk away from the computer for a minute to soak it in. I had just escalated from zero access to Domain Administrator in under two minutes through the printer user interface. The keys to …
Read more

Seeing the rate at which companies have been successfully attacked by Java exploits while their users surf the web, I became increasingly alarmed and wondered how I was going to defend my own network. I had always known that Active Directory Group Policy could push out software, but I had never explored the option as …
Read more

The MS12-020 vulnerability for which Microsoft released a patch yesterday is about as bad as you can get. The vulnerability requires *no* authentication, can be exploited from *any network* that has connectivity to a Remote Desktop Protocol (RDP) service, and gives an attacker a full GUI at the super-user level (the SYSTEM account on Windows). …
Read more

Another Adobe Acrobat vulnerability is being exploited in the wild. All versions up to and including 9.1.3 are vulnerable. The current exploit targets Acrobat and Acrobat Reader on Windows specifically, but all Acrobat variants (those for Linux and Mac OS X) are vulnerable. Apparently, using DEP (Data Execution Prevention) in Windows may thwart the attack …
Read more

Vista SP2…it works

May 27th, 2009 | Posted by Brett Edgar in Microsoft | Windows - (0 Comments)

Well, installation wasn’t too bad.  It took about 20 minutes or so.  As a bonus, all of my settings seem to be intact and all of my programs continue to function properly.  Even our corporate AV is working… I hope this isn’t premature, but: Good job, Microsoft. Brett EdgarBrett is a Founder and the former …
Read more