Tenable

OCTOBER 22, 2024

CVE-2010-2568: Windows Shell Remote Code Execution Vulnerability Remote Code Execution Exploited Zero-Day Local Stuxnet High 2010 Why it’s significant: Regarded as one of the most sophisticated cyberespionage tools ever created, Stuxnet was designed to target SCADA systems in industrial environments to reportedly sabotage Iran's nuclear program.

Software Review 77

Software Review Windows Groups Network 77

Linux Academy

MAY 15, 2020

The Linux operating system naturally lent itself to taking advantage of containers using namespaces and control groups (cgroups). To increase storage efficiencies between the container and host, the VM uses SMB protocol over VM bus. First, I want to acknowledge that there is a big difference between Linux and Windows containers.

Windows 129

Windows Linux Azure SMB 129

Tenable

DECEMBER 21, 2022

CVE-2022-37958 is a remote code execution (RCE) vulnerability in the SPNEGO NEGOEX protocol of Windows operating systems, which supports authentication in applications. What is SPNEGO NEGOEX? More details about SPNEGO NEGOEX can be found here. What protocols use SPNEGO NEGOEX?

Windows 98

Windows SMB Authentication Research 98

CTOvision

AUGUST 4, 2014

Working in concert with dozens of customers and enterprises as part of an Early Access Program for these milestone releases, participants verified they were able to meet their unique environmental configurations such as custom and third-party browser plug-ins using Invincea’s pluggable architecture framework. The FreeSpace 4.0 FreeSpace 4.0

Security 102

Security Enterprise Windows Malware 102

Tenable

OCTOBER 28, 2021

Per the joint alert: “Using embedded, previously compromised credentials, BlackMatter leverages the Lightweight Directory Access Protocol (LDAP) and Server Message Block (SMB) protocol to access the Active Directory (AD) to discover all hosts on the network. BlackMatter then remotely encrypts the hosts and shared drives as they are found.”.

Software Review 106

Software Review Windows SMB Network 106

Jeremiah Grossman

JANUARY 12, 2010

Slowloris HTTP DoS Robert Hansen, (additional credit for earlier discovery to Adrian Ilarion Ciobanu & Ivan Ristic - “Programming Model Attacks” section of Apache Security for describing the attack, but did not produce a tool) 6. Flickr's API Signature Forgery Vulnerability (MD5 extension attack) Thai Duong and Juliano Rizzo 4.

SMB 40

SMB Research Operating System Windows 40

AlienVault

SEPTEMBER 24, 2018

2018 seems to be a time for highly profitable cryptominers that spread over SMB file-shares. CVE-2017-0143, SMB exploit. CVE-2017-0146, SMB exploit. Both are basically the same, just adjusted for operating system. Installation. Depending on OS architecture, you’ll either find x86.dll dll or x64.dll

Malware 40

Malware SMB .Net Architecture 40