Smbexec is a tool that you can use for penetration testing domain controllers; the program allows running post-exploitation for domain accounts and expanding access to the targeted network. This gives pentesters full access without any privilege requirement.
The latest release includes improvements so that it runs faster, more configuration options, and a module that supports file search. Smbexec makes it easy to go through all machines on the network and collect the necessary information, such as the UAC configuration or other system settings, as well as where the domain administrators’ credentials are in use.
Read more here – http://www.sectechno.com/2014/03/30/smbexec-rapid-post-exploitation-tool/
Project Shield is an initiative launched by Google Ideas to use Google’s own Distributed Denial of Service (DDoS) attack mitigation technology to protect free infrastructure online. The service allows other websites to serve their content through Google’s infrastructure without having to move their hosting location.
Read more here – http://projectshield.withgoogle.com/
The security guidance published by the UK government’s National Technical Authority for Information Assurance (CESG) is applicable to devices running Enterprise versions of Windows 7 and Windows 8, acting as client operating systems, which include BitLocker Drive Encryption, AppLocker and Windows VPN features. The UK government’s National Technical Authority for Information Assurance (CESG) advises organisations on how to protect their information and information systems against today’s threats.
The Windows 8 Secure Boot process alerts a user when an attempt to subvert the security controls has taken place. It is important that users know how to identify and respond to this alert.
Read more here – https://www.gov.uk/government/publications/end-user-devices-security-guidance-windows-7-and-windows-8/end-user-devices-security-guidance-windows-7-and-windows-8
A survey by Andy Grant investigated the practices of major app developers with regard to data storage on Windows Phone 7. As more people use mobile devices for sensitive tasks such as online banking and password storage, the data stored on the device increases in value. With each new mobile platform there are more opportunities for a mobile application developer to store data in an insecure manner.
This publication provides recommendations for improving an organization’s malware incident prevention measures and handling for desktops and laptops. It also gives extensive recommendations for enhancing an organization’s existing incident response capability so that it is better prepared to handle malware incidents, particularly widespread ones.
Download the complete guide from here – http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-83r1.pdf
There is a less risky alternative for performing vulnerability assessments of SCADA devices that still gives good result information. You can use the Nmap Scripting Engine to add vulnerability scanning functionality.
Read more here – https://isc.sans.edu/diary/Using+nmap+scripts+to+enhance+vulnerability+asessment+results/16090
If your computer gets infected with the ubiquitous ransomware that pretends to be some form of action by the Department of Justice, Department of Homeland Security, or the FBI and that states child pornography was detected on your computer, make sure that you have a copy of this removal guide at hand! The "Your computer has been locked" ransomware is a computer infection that prevents you from accessing your Windows desktop, files, or applications until you pay a $300 ransom to the malware developers.
Get the full guide from here – http://www.bleepingcomputer.com/virus-removal/remove-your-computer-has-been-locked-ransomware
Microsoft released a fix that mitigates all Java web-attack vectors through Internet Explorer. This fix covers current and past versions of Java, and all supported versions of Internet Explorer (32-bit or 64-bit). However, it does not interfere with Java’s update mechanism.
Read more here – https://blogs.technet.com/b/srd/archive/2013/05/29/java-when-you-cannot-let-go.aspx?Redirected=true
You use digital IDs to prove your identity and encrypt text when sending email messages. This permits your recipients to determine that the message was actually sent by you and keeps your conversation private.
The Autoplay feature may pose a security risk on computers running Windows operating systems. The feature enables computers to automatically open and run different types of media when they are inserted into the computer. Malware leverages this capability by using an autorun.inf file to try to install itself on every computer the infected media is attached to. To disable the Autoplay feature on Windows computers, follow these steps: