Archive for the ‘windows-security’ Category.

Darknet - The Darkside : No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug

12/15/2011, 10:41

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Read the full post at darknet.org.uk


Category: beast, beast bug, Countermeasures, duqu, duqu bug, exploits, Exploits/Vulnerabilities, hacking microsoft, hacking-windows, Malware, microsoft, microsoft security, patch-tuesday, patches, vulnerabilities, Windows Hacking, windows-security  |  Comment

Darknet - The Darkside : Microsoft Enhanced Mitigation Evaluation Toolkit (EMET)

06/01/2011, 12:38

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before…

Read the full post at darknet.org.uk


Category: Countermeasures, emet, enhanced mitigiation evaluation toolkit, hacking-windows, microsoft, microsoft emet, microsoft security, microsoft-hacking, security mitigation, Security Software, Windows Hacking, windows-security  |  Comment

Darknet - The Darkside : Microsoft Unleashes Record Breaking Patch Tuesday – April 2011

04/13/2011, 12:19

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

We all love Patch Tuesday – no doubt about that right? Well Microsoft has blessed us this month with the biggest Patch Tuesday in the history of the program. That’s a good thing because it’s had some horribly effective vulnerabilities revealed lately. It managed to package up a massive bundle of patches for 64 vulnerabilities…

Read the full post at darknet.org.uk


Category: april 2011 patch tuesday, black tuesday, Countermeasures, Exploits/Vulnerabilities, microsoft, microsoft patch tuesday, microsoft patches, microsoft security, patch-tuesday, Security Software, windows 0day, Windows Hacking, windows zero day, windows zeroday, windows-exploits, windows-security  |  Comment

Darknet - The Darkside : Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

03/03/2011, 13:01

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system…

Read the full post at darknet.org.uk


Category: attack surface, attack surface analyzer, Countermeasures, Exploits/Vulnerabilities, manage attack surface, microsoft, microsoft asa, microsoft attack surface analyzer, microsoft security, risk management, security audit tool, security management, Security Software, security-audit, Windows, Windows Hacking, windows-security  |  Comment

Darknet - The Darkside : Windows Vista & Windows 7 Kernel Bug Can Bypass UAC

11/30/2010, 11:11

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Now this is not the first time Windows UAC has hit the news for being flawed, back in February 2009 it was discovered that Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control and after that in November 2009 it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against [...]

Read the full post at darknet.org.uk


Category: 0day, bypass uac, Exploits/Vulnerabilities, Malware, prevx, sophos, uac, user access control, win7 0day, windows 7 exploit, windows 7 zero-day, Windows Hacking, windows kernel exploit, windows kernel vulnerability, windows uac, windows vista exploit, windows-security, zero-day  |  Comment

Darknet - The Darkside : Windows Credentials Editor v1.0 – List, Add & Edit Logon Sessions

10/14/2010, 12:00

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used in further…

Read the full post at darknet.org.uk


Category: get ntlm hash, get windows hash, Hacking Tools, hacking-windows, ntlm hash, pass the hash, Password Cracking, wce, windows credential editor, Windows Hacking, windows hash cracker, windows-security  |  Comment

Darknet - The Darkside : DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability

09/09/2010, 08:45

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

DllHijackAuditor is the smart tool to Audit against the Dll Hijacking Vulnerability in any Windows application. This is recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that large amount of Windows applications are currently susceptible to this vulnerability which can allow any attacker to…

Read the full post at darknet.org.uk


Category: audit dll hijacking, Countermeasures, dll exploit, dll hijack auditor, dll hijack vulnerability scanner, dll preloading, dll vulnerability, dll vulnerability audit tool, dllhijackauditor, hacking-windows, Programming, Security Software, windows dll injection, windows-security  |  Comment

Darknet - The Darkside : Windows PowerShell DNS Server Blackhole Tool – Blacklist Domains

09/01/2010, 10:40

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is a Windows PowerShell Script to help you with blacklisting domains you wish to block in your networks. We have written about PowerShell before, it is something which can make the windows shell a lot more flexible. On the external DNS servers you can create primary zones for the domain names and FQDNs you [...]

Read the full post at darknet.org.uk


Category: Countermeasures, dns blacklisting, domain blacklist, domain blacklisting, Network Hacking, powershell, powershell dns blackhole script, Security Software, windows dns, windows dns blacklist, windows dns server blackhole tool, windows powershell, windows-security  |  Comment

Darknet - The Darkside : Microsoft Confirms Windows Zero Day Bug In Shortcut Files

07/23/2010, 11:51

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This is a pretty nasty attack and for once Microsoft have actually acknowledged and confirmed this is a critical unpatched vulnerability. Incidentally Microsoft also recently retired Windows XP SP2 from the support cycle, and this vulnerability effects that system and they have stated they will not be patching it. It’s a pretty serious bug…

Read the full post at darknet.org.uk


Category: 0-day, 0-day windows exploit, 0day, Exploits/Vulnerabilities, oob patch, out of band, out of band patch, root kit, stuxnet, Windows Hacking, windows shortcut exploit, windows vulnerability, windows xp sp2, windows-exploit, windows-security  |  Comments Off