Tag Archive | "microsoft"


19 February 2014 | 1,182 views

2 Different Hacker Groups Exploit The Same IE 0-Day

It hasn’t been too long since the last serious Internet Explorer 0-day, back in November it was used in drive-by attacks – Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks. And earlier last year there was an emergency patch issued – Microsoft Rushes Out ‘Fix It’ For Internet Explorer 0-day Exploit. [...]

Continue Reading


17 August 2012 | 1,047 views

Microsoft Patches Critical Security Vulnerabilities In Windows, Office, IE, Exchange & SQL Server

Another huge raft of critical fixes has been pushed out by Microsoft across almost their entire range of products, including client and server side software and the Windows OS itself. It’s been a while since I’ve seen such a huge variety of security issues in one update including 5 critical vulnerabilities. If you are running [...]

Continue Reading


08 August 2012 | 3,556 views

chapcrack – A tool for parsing and decrypting MS-CHAPv2 network handshakes.

chapcrack is a tool for parsing and decrypting MS-CHAPv2 network handshakes, it was announced recently at Defcon as we read over here – Marlinspike demos MS-CHAPv2 crack. The process is as follows: Obtain a packet capture with an MS-CHAPv2 network handshake in it (PPTP VPN or WPA2 Enterprise handshake, for instance). Use chapcrack to parse [...]

Continue Reading


12 July 2012 | 1,307 views

Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) 3rd Party GUI

We published an article about Microsoft Enhanced Mitigation Evaluation Toolkit (EMET) when it came out back in June 2011. The Native GUI for EMET is in .NET and there are some situations or restricted environments where you may be unable to install .NET or just simple don’t want to use it. This is where this [...]

Continue Reading


11 April 2012 | 1,283 views

Microsoft Delivers 6 Out Of Band High Priority Security Updates

Now it was only last month when everyone was wrapped up in the MS12-020 RDP Exploit Code In The Wild issue. As it turns out, Microsoft have been hiding some more serious security issues under the carpet. Apparently attackers are already exploiting the MS12-027 flaw in ActiveX in the wild – although Microsoft of course [...]

Continue Reading


15 December 2011 | 8,078 views

No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug

It looks like Microsoft originally had a patch for the BEAST vulnerability, but for some reason they have withdrawn it for the December Patch Tuesday. It’s a pretty bumper crop of patches though with 13 bulletins and 19 vulnerabilities fixed, the highest profile one being a patch for the zero-day vulnerability exploited by Duqu. The [...]

Continue Reading


01 June 2011 | 7,371 views

Microsoft Enhanced Mitigation Evaluation Toolkit (EMET)

The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the [...]

Continue Reading


20 April 2011 | 6,141 views

Microsoft Implements Company Policy For Vulnerability Disclosure

Microsoft has implemented a new company policy regarding vulnerability disclosure in non-Microsoft products (third-party products). Unsurprisingly they are following the ‘responsible disclosure’ line rather than the ‘full disclosure’ line favoured by the infosec community. It’s fair enough though, as they say treat others as you wish to be treated. I’m pretty sure Microsoft would much [...]

Continue Reading


13 April 2011 | 6,933 views

Microsoft Unleashes Record Breaking Patch Tuesday – April 2011

We all love Patch Tuesday – no doubt about that right? Well Microsoft has blessed us this month with the biggest Patch Tuesday in the history of the program. That’s a good thing because it’s had some horribly effective vulnerabilities revealed lately. It managed to package up a massive bundle of patches for 64 vulnerabilities [...]

Continue Reading


03 March 2011 | 9,007 views

Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·