A hardcoded SSH public key in #Fortinet’s Security Information and Event Management #FortiSIEM that can be used to generate a denial of service against FortiSIEM Supervisors and is stored in plain text. Please upgrade. Thanks Andyf for alerting! https://t.co/8bjg8Fi2Pc
22 Jan 2020
Dutch Nationaal Cyber Security Centrum (@ncsc_nl) has provided a decision supporting flowchart about the #Citrix vulnerability #Shitrix, clearly stating the moments of mitigation, public exploits, scans and risks. (Dutch) https://t.co/7WLj87Af9R
21 Jan 2020
With 2FA your phone becomes an important factor in data protection. How #SIM-jacking works: A hacker decides you are worth attacking. They call your phone provider, or visit a mobile phone store, and convince someone that they’re you and get your number assigned to their phone. https://t.co/mlYGYNirHv
18 Jan 2020
Great quote:Caleb Barlow, VP of X-Force Threat Intelligence at IBM Security, said about charging phones, “Plugging into a public USB port is kind of like finding a toothbrush on the side of the road and deciding to stick it in your mouth. #juicejacking https://t.co/QMpVmnCGZV https://t.co/qCLu1CyKXW
03 Jan 2020
Today the #California Consumer #privacy Act (#CCPA) goes into effect. Are you ready for another state based #privacylegislation or need federal USA privacy legislation just as the EU #GDPR? @PrivacyPros #happynewyear2020 https://t.co/wccccEt48J
31 Dec 2019
Microsoft Windows Attack Surface AnalyzerThe, as always great, Petri Insider Newsletter by Petri.com pointed me to the Microsoft Windows Attack Surface Analyzer.
Attack Surface Analyzer is developed by Microsoft's Trustworthy Computing Security group. It is the same tool used by Microsoft's internal product groups to catalogue changes made to operating system attack surface by the installation of new software. Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface. This tool allows:
Reporting requires Microsoft .NET Framework 4 and can run on Windows 7, Windows 8, Windows Server 2008 R2, Windows Server 2012 R2.
Running the system scan
Reporting after installationWhen you start the program after installation and run the Attack Surface Analyzer, the reporting gives you a html page containing information about:
Attack Surface Report:
Table Of Contents
DownloadYou can download the Attack Surface Analyzer and the extensive documentation here. The Linux, Mac OS X, Windows 10 version can be found here.
You may vote your opinion about this article:
Scripts and programming examples disclaimerUnless stated otherwise, the script sources and programming examples provided are copyrighted freeware. You may modify them, as long as a reference to the original code and hyperlink to the source page is included in the modified code and documentation. However, it is not allowed to publish (copies of) scripts and programming examples on your own site, blog, vlog, or distribute them on paper or any other medium, without prior written consent.
Many of the techniques used in these scripts, including but not limited to modifying the registry or system files and settings, impose a risk of rendering the Operating System inoperable and loss of data. Make sure you have verified full backups and the associated restore software available before running any script or programming example. Use these scripts and programming examples entirely at your own risk. All liability claims against the author in relation to material or non-material losses caused by the use, misuse or non-use of the information provided, or the use of incorrect or incomplete information, are excluded. All content is subject to change and provided without obligation.
Generated by WebHalla™ Version 0.1.e.4 : Monday 27-1-2020
© Copyright 1995-2020 ing. Johan P.G. van Soest CIPM