May 2019 – PwnDefend

‘Wormable’

When a post starts like this:

“On May 14, Microsoft released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services – formerly known as Terminal Services – that affects some older versions of Windows. In our previous blog post on this topic we warned that the vulnerability is ‘wormable’, and that future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017.” – https://blogs.technet.microsoft.com/msrc/2019/05/30/a-reminder-to-update-your-systems-to-prevent-a-worm/

“Microsoft is confident that an exploit exists for this vulnerability” Read more →

Defense

Things to do before you conduct a ‘red team’…

Introduction

‘Red Teaming’ the latest phrase in the cyber security world that brings a shudder down my spine! Now don’t get me wrong, adversary simulation is awesome, it’s a great tool and when wielded correctly brings massive value to enhancing your security posture… but alas, they aren’t always deployed in a business aligned and value driven position.

They sound ‘sexy’ and any pentester is going to jump at the chance to do one, let alone the sales and marketing teams will be grinning as they will come in with higher revenue but also will increase their case study portfolio for delivered red teams! (I’m not knocking this, it’s the reality of doing business).

Having witnessed a number of these take place against organizations who I don’t feel are ready for them, I thought I would write a piece on things I would recommend having in place before conducting a ‘red team’ assessment. Read more “Things to do before you conduct a ‘red team’ assessment” →

CVE-2019-0708 – BlueKeep

‘Wormable’

Things to do before you conduct a ‘red team’…

Introduction