PowerSHell Archives

Microsoft December 2022 Security Updates addresses 53 vulnerabilities (7 Critical, 1 exploited in the wild)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 17, 2022 / CVE-2022-41076, CVE-2022-41089, CVE-2022-41127, CVE-2022-44670, CVE-2022-44676, CVE-2022-44690, CVE-2022-44693, CVE-2022-44698, MOTW, PowerSHell, SmartScreen

The Microsoft December 2022 Security Updates includes patches and advisories for 53 vulnerabilities, including seven Critical severity issues and one exploited in the wild.

Microsoft December 2022 Security Updates addresses 53 vulnerabilities (7 Critical, 1 exploited in the wild) Read More »

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities

Messaging Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / October 1, 2022 / CVE-2022-41040, CVE-2022-41082, Exchange, Exchange Server 2019, IIS, Microsoft, PowerSHell, ProxyNotShell, Vulnerabilities, Zero-day

Microsoft has released a new security update for two Microsoft Exchange Server zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) dubbed “ProxyNotShell” under limited targeted attacks in the wild.

Microsoft update for Microsoft Exchange Server zero-day ProxyNotShell vulnerabilities Read More »

FBI: Cuba ransomware compromised 49 critical infrastructure entities

Cybersecurity Attacks, Malware / Frank Crast / December 4, 2021 / CobaltStrike, Cuba, Cyberattack, FBI, PowerSHell, PsExec, Ransomware, RDP

The Federal Bureau of Investigation (FBI) has issued a cybersecurity alert for ransomware attacks that have compromised 49 entities in five critical infrastructure sectors, such as financial, government, healthcare, manufacturing, and information technology.

FBI: Cuba ransomware compromised 49 critical infrastructure entities Read More »

FBI warns of PYSA Ransomware attacks against schools in the U.S. and U.K.

Cybersecurity Attacks, Malware / Frank Crast / March 20, 2021 / FBI, Koadic3, Mespinoza, Mimikatz4, PowerSHell, PYSA, Ransomware, WinSCP

The Federal Bureau of Investigation (FBI) has warned of PYSA Ransomware attacks against schools located in the United States and United Kingdom.

FBI warns of PYSA Ransomware attacks against schools in the U.S. and U.K. Read More »

Microsoft February 2021 Security Updates, warns of Win32k Privilege Escalation vulnerability exploited in wild (updated)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / February 12, 2021 / .NET, Azure, CVE-2021-1732, Developer Tools, DNS Server, Edge, Exchange Server Office, IOT, Kubernetes, Microsoft Dynamics, PFX Encryption, PKU2U, PowerSHell, Skype for Business, SysInternals, System Center, TCP/IP, Visual Studio

Microsoft has released the February 2021 Security updates that includes patches for 56 vulnerabilities, 11 of those rated Critical. Moreover, the tech giant warned of a Win32k Privilege Escalation vulnerability CVE-2021-1732 exploited in wild.

Microsoft February 2021 Security Updates, warns of Win32k Privilege Escalation vulnerability exploited in wild (updated) Read More »

Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / October 16, 2020 / .NET, Adobe, codecs, CVE-2020-16898, CVE-2020-16951, CVE-2020-16952, CVE-2020-17022, CVE-2020-17023, Dynamics, Exchange Server, Flash Player, JET Database, Microsoft, Open Source, PowerSHell, Visual Studio, Windows

Microsoft has released the October 2020 Security updates that includes patches for 87 vulnerabilities, 11 of them rated Critical. The update also includes a patch for a Critical “Bad Neighbor” vulnerability and two out-of-band patches.

Microsoft October 2020 Security Updates and “Bad Neighbor” RCE fix (updated) Read More »

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks

Cloud Security, Cybersecurity Articles, Cybersecurity Attacks, Malware / Frank Crast / October 2, 2020 / C2, COVID-19, GADOLINIUM, GitHub, KRYPTON, Microsoft, PowerSHell, ZINC

Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.

GADOLINIUM threat actors use cloud services and open source tools in cyberattacks Read More »

The top 3 endpoint threats used in 2020 cyberattacks

Cybersecurity Articles, Cybersecurity Attacks, Endpoint Security, Malware, System Hardening, Vulnerabilities & Exploits / Frank Crast / September 22, 2020 / ATT&CK, BlueKeep, Cisco, CobaltStrike, credentials, CVE-2019-0708, Divergent, Emotet, FASTCash, GALLIUM, HIDDEN COBRA, IOT, Metasploit, Mimikatz, MITRE, PowerSHell, Powersploit

Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.

The top 3 endpoint threats used in 2020 cyberattacks Read More »

PowerShell Core security updates

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 18, 2019 / PowerSHell, WDAC, Windows

Microsoft has released updates to address a feature bypass vulnerability in PowerShell Core versions 6.1 and 6.2. Users should upgrade to the latest PowerShell versions to prevent an attacker from taking over affected systems.

PowerShell Core security updates Read More »

Microsoft November 2018 patch updates

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / November 14, 2018 / Azure, CVE-2018-8476, CVE-2018-8589, CVE-2018-8609, Microsoft, Office, PowerSHell, TFTP, Vulnerabilities, Windows, Zero-day

Microsoft issued the November 2018 Security Updates that include 62 unique vulnerability fixes, 12 of them rated critical.

Microsoft November 2018 patch updates Read More »