New Windows Vulnerability... not good | |
Anonymous Coward User ID: 83456335 United Kingdom 05/28/2022 06:52 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 83458474 United States 05/28/2022 07:11 PM Report Abusive Post Report Copyright Violation | "Attackers can launch this attack using the KrbRelayUp tool developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn privilege escalation tools." Quoting: Anonymous Coward 80082094 So this guy is called a "security researcher" and publishes a tool designed to facilitate attacks on systems? I could never understand this kind of s**t. Why make matters worse by telling people at large how exactly to make the attack and providing the tools to do it? Doctors publishing books on surgery are not serial killers, jerk. Very poor comparison. I hope that you can do better. For a Portugeek? Dream on. |
Anonymous Coward User ID: 83458474 United States 05/28/2022 07:12 PM Report Abusive Post Report Copyright Violation | "Attackers can launch this attack using the KrbRelayUp tool developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn privilege escalation tools." Quoting: Anonymous Coward 80082094 So this guy is called a "security researcher" and publishes a tool designed to facilitate attacks on systems? I could never understand this kind of s**t. Why make matters worse by telling people at large how exactly to make the attack and providing the tools to do it? Doctors publishing books on surgery are not serial killers, jerk. well put |
Jungleboogie
User ID: 83112306 Canada 05/28/2022 07:37 PM Report Abusive Post Report Copyright Violation | So this guy is called a "security researcher" and publishes a tool designed to facilitate attacks on systems? Quoting: Anonymous Coward 80082094 I could never understand this kind of s**t. Why make matters worse by telling people at large how exactly to make the attack and providing the tools to do it? Once it's published it becomes a zero day vulnerability obviously. Would you rather he kept it quiet? Embrace the cognitive dissonance. |
Anonymous Coward User ID: 80903096 United States 05/28/2022 07:48 PM Report Abusive Post Report Copyright Violation | |
Anonymous Coward User ID: 72884301 United States 05/28/2022 07:53 PM Report Abusive Post Report Copyright Violation | Privilege escalation. It's been an ongoing battle for decades, 95% of MS's "security updates" deal with privilege escalation vulnerabilities. Quoting: CK Dexter Haven A hacker still has to gain access to the system before the exploit can be used. There's still lots of ways to land. Reminds of the old saying we have, "Hackers only have to be successful once...blue teams have to be successful every single time." |
BBQ BOY™
User ID: 81759931 United States 05/28/2022 07:57 PM Report Abusive Post Report Copyright Violation | I got an "attack" last week, when I clicked on a u-tube link... it locked up my desk top PC, and gave me a number (Microsoft) to call to fix the problem without causing permanent damage ... I demanded some ID when they insisted that I download a "viritual link" to their web-site - and they showed me the rep I was talking to, Microsoft ID with picture ... and I did down load the apt - and they did restore windows immediately ... but as soon as I got back on-line and the call was ended, I removed the app and the program from my system Quoting: Shadow Dance so many crooks ... so many trusting individuals LOL Might want to read this from Msoft. [link to answers.microsoft.com (secure)] "Never underestimate the pain of a person. In all honesty, everyone is struggling. Just some people are better at hiding it than others." Everyone has to work out their own salvation. Life can only be understood backwards, but it must be lived forwards. |
Red John
User ID: 59735368 Canada 05/28/2022 08:11 PM Report Abusive Post Report Copyright Violation | Privilege escalation. It's been an ongoing battle for decades, 95% of MS's "security updates" deal with privilege escalation vulnerabilities. Quoting: CK Dexter Haven A hacker still has to gain access to the system before the exploit can be used. There's still lots of ways to land. Reminds of the old saying we have, "Hackers only have to be successful once...blue teams have to be successful every single time." using IE is the primary entrance for privilege escalation malicious email is the secondary entrance I've never been hacked or had any of my systems infected in the last 23 years of web use oh hai! |