The security expert Dirk-jan Mollema discovered a privilege escalation vulnerability in Microsoft Exchange that could be exploited by a user to become a Domain Admin.
Rootkits are tools and techniques used to hide malicious modules from being noticed by system monitoring.
Application whitelisting is the practice of specifying an index of approved software applications that are permitted to be present and active on a computer system.
During the investigation of a security incident, event log analysis is a key element.
During a forensic analysis of a Windows system, it is often critical to understand when and how a particular process has been started.
Microsoft Terminal Services Remote Desktop Protocol (RDP) is a great feature that allows the interactive use or administration of a remote Windows system.
However, it can also be used by an attacker with compromised domain credentials to move laterally across the local network.
The security researcher Marius Tivadar has discovered a vulnerability in the Windows NTFS filesystem and published proof-of-concept code on GitHub that could be used to cause a Blue Screen of Death within seconds on most Windows computers.
The Windows Subsystem for Linux (WSL) is a great feature introduced in Windows 10.
It is a compatibility layer for running Linux binary executables natively on Windows 10, and it allows the use of a rather real Linux installation without using a virtual machine.