Thursday, January 28, 2016

Introducing the Windows PowerShell ISE Preview


A new preview release model for the PowerShell ISE 
The biggest news is that we've developed a new strategy to ship a separate preview edition of the PowerShell ISE. This enables us to add new features and release them to all of you much faster than before. Previously you had to wait for new Windows or WMF releases before you would get an updated ISE. Thanks to the PowerShell Gallery, we can now ship the Windows PowerShell ISE Preview as often as we like!

Source : Windows PowerShell Blog

Windows 10 Tip: Easily Filter Search Results And Power Search Features

If you have ever used the search feature in Windows 10, and there is a good chance you have, there is a new way to filter search results that should help you find what you are looking for, faster. It looks like this feature was added in a recent update and if you haven’t tried it yet, here’s how it works ...
Source : Thurrott.com

Tuesday, January 26, 2016

NMAP + Powershell + whatever tool is next

Early on in many penetration tests or security assessments, you will often find yourself wading through what seems like hundreds or thousands of text files, each seemingly hundreds or thousands of pages long (likely because they are). One key to success in these situations is to automate the analysis of these files as much as possible – you want to get the “drudgery” job done and move on to subsequent tasks that need real eyes on the screen and hands on the keyboard.
Let’s look at NMAP for instance. It’s a valuable tool, we all use it. But if you are scanning a /16 or a /8 network (or even lots of /24’s), the volume of output can be ... daunting? ... significant? ... colossal?

Source : InfoSec Handlers Diary Blog

Monday, January 25, 2016

HOTFIX: Update to enable WSUS support for Windows 10 feature upgrades

A new hotfix is available that enables Windows Server Update Services (WSUS) on a Windows Server 2012 or Windows Server 2012 R2 to sync and distribute feature upgrades for Windows 10. Note that this hotfix is not required to enable WSUS to sync and distribute servicing updates for Windows 10. This hotfix also addresses an issue where Windows 10 computers are displayed as Windows Vista.

Source : Microsoft WSUS and Software Update Team Blog

Assessing Remote Certificates with Powershell

Building on our last conversation about HTTPS and Powershell, let’s look at another common thing you’d do with HTTPS as a system administrator, or in a security assessment or penetration test – let’s assess the HTTPS certificates themselves.

Source : InfoSec Handlers Diary Blog

For those on WSUS 3.0 SP2 (or SBS 2011)

As indicated in a previous post, we are making changes to WSUS 4.0 and later that will provide a smoother Windows 10 servicing experience. Because WSUS 3.0 SP2 is already in extended support (receiving no support at all after July 2017), and we are not shipping these improvements further down-level, it is a good idea to start planning your WSUS migration now. Here is some guidance on how to respond to the recent changes based on your current situation, with the assumption that you intend to deploy Windows 10 in your environment.

Source : WSUS Product Team Blog

Security baseline for Windows 10 (v1511, "Threshold 2") -- FINAL

Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 version 1511, also known as "November Update," "Build 10586," "Threshold 2," or "TH2." The downloadable attachment to this blog post includes importable GPOs, tools for applying the GPOs to local GPO, custom ADMX files for Group Policy settings, and all the settings in spreadsheet form. We will also be publishing SCM .CAB files for this Windows 10 baseline shortly, and will announce their availability on the Security Guidance blog. (Note that we will not be providing updated SCM .CAB files for the IE11 guidance. For that content, see the attachment on this blog post.)

Source : Microsoft Security Guidance

New tool: Policy Analyzer

Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). It can highlight when a set of Group Policies has redundant settings or internal inconsistencies, and can highlight the differences between versions or sets of Group Policies. It can also compare GPOs against current local policy settings and against local registry settings. And you can export its findings to a Microsoft Excel spreadsheet.

Source : Microsoft Security Guidance

Tuesday, January 19, 2016

Getting Started with the PowerShell 5.0 Information Stream

One of the great additions to PowerShell 5.0 is the new information stream. You can use this stream as a logging mechanism in your scripts and functions, which is something I want to demonstrate today.

Source : Petri

Monday, January 18, 2016

Sync PowerShell scripts between computers with Git

In the first article of this series, I taught you how to install and configure the Git version control system (VCS) to help you manage your Windows PowerShell scripts. Today, you'll learn how to sync your PowerShell scripts between your computers.

Source : 4sysops

Wednesday, January 06, 2016

Meet Ransom32: The first JavaScript ransomware

Software as a service (or SaaS) is a relatively new model of how a lot of software companies are conducting their business today – often to great success. So it comes as no surprise that malware writers and cyber crooks are attempting to adopt this model for their own nefarious purposes. In the past year a whole bunch of these “Ransomware as a Service” campaigns appeared, like for example Tox, Fakben or Radamant. Today we want to spotlight the newest of these campaigns.

Source : Meet Ransom32: The first JavaScript ransomware

PowerSploit

PowerSploit is an offensive security framework for penetration testers and reverse engineers. It was born out of the realization that PowerShell was the ideal post-exploitation utility in Windows due to its ability to perform a wide range of administrative and low-level tasks all without the need to drop malicious executables to disk, thus, evading antivirus products with ease.

Source : PowerShell Magazine

Monday, January 04, 2016

Prevent WPScan from scanning

Below I will show a few methods which can prevent a WPScan scan.

Source : security.szurek.pl

Recent updates to the Remote Desktop Client Preview for Mac

Hello everyone, this is Ayesha Mascarenhas on the Remote Desktop team. We released the Remote Desktop client preview for Mac in August this year. Over the last few months many of you have shared feedback and feature suggestions. Today, I’m sharing with you some of the updates we have made to the Remote Desktop client preview app for Mac since it was first released.

Source : Remote Desktop Services (Terminal Services) Team Blog

Reinstall KB3093594 to fix stability issues in Windows Live Mail 2012

In the second week of this month, Microsoft had alerted Windows Live Mail 2012 users that some changes are coming to users of Microsoft accounts like Outlook, Live, Hotmail, MSN accounts that may prevent mails being delivered to Windows Live Mail 2012. And it said, in order to continue using this Mail client, you need to install this update (Update for Windows Live Essentials Mail 2012 (KB3093594)).

Source : meraTechPort

Android for the Windows Guy: Use Your Microsoft Accounts

You’ve adopted an Android smart phone, but your contacts, email, and calendaring information are tied up in your Outlook.com or Office 365 account. No worries, you can access it all from Android, and even make sure that your phone calls and text messages correctly identify who’s reaching out to you. 
The best news? You can make this work no matter which apps you choose to use to manage your contacts, email and calendar.

Source : Thurrott.com

Using WPScan: Finding WordPress Vulnerabilities

When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and security configuration issues are present. The database at wpvulndb.com is used to check for vulnerable software and the WPScan team maintains the ever-growing list of vulnerabilities.
Last time, we taught you how to install WPScan on Mac and Linux.
This time we are going to dive into how to use WPScan with the most basic commands.
Source : Sucuri Blog

MMCSnapInsView – MMC snap-in launcher

NirSoft released the free MMCSnapInsView tool that allows you to view and launch all MMC snap-ins that are installed on a Windows computer.
Source : MMCSnapInsView – MMC snap-in launcher

Concurrent Remote Desktop (CRDP) for Windows 10

Concurrent Remote Desktop allows you (the administrator) to simultaneously use a client computer while a standard user is still interactively using it. For IT, this is huge! Imagine never having to kick a person off of their computer because you need to work on it. Concurrent Remote Desktop (CRDP) makes this possible. This guide will cover CRDP setup for Windows 10.
Source : DeployHappiness