Serious Sam

In an age where bug bounties have become an enormous and necessary cash cow, this is a reminder that sometimes the KISS (keep it simple, stupid) principle still applies to the vulnerability research field. A well-known researcher discovered a ten-year-old vulnerability in Windows 10 which allowed credentials to be dumped from Windows 10 devices with the latest updates.

The Scoop

Benjamin Delpy, the creator of Mimikatz, was poking around the new Windows 11 when he found something interesting. The SAM database had ‘builtin’ users assigned to the access control list. In plain English, any standard user would be able to read the database.

SAM stands for Security Account Manager. It stores hashed credentials, that kind of thing. You can find it lurking at %SystemRoot%/system32/config/SAM. Can’t access it? Good! You need to be an administrator. Try running icacls c:\windows\system32\config\SAM in a command prompt.

Icacls is a command-line utility for modifying permissions, and it can also be used to check the permissions on a file. If you run the command, you will probably find what I did: that your SAM database is indeed readable and executable by a builtin user account. At this point you reach for a drink. Not during work hours, of course. During work hours you reach for that alcohol-free vodka.
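As an added example, not part of the original article: a Python sketch that parses captured icacls output for the SAM file and lists any principal other than Administrators or SYSTEM that holds read access. The sample output is constructed, and the expected-principal list, the English account names and the function names are assumptions.

```python
import re

# Assumption: English-locale names; only these principals should read the SAM file.
EXPECTED = {"builtin\\administrators", "nt authority\\system"}
INHERIT_FLAGS = {"I", "OI", "CI", "IO", "NP"}           # inheritance markers, not rights
READ_RIGHTS = {"F", "M", "RX", "R", "GA", "GR", "RD"}   # rights that allow reading data

ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<flags>(?:\([^)]+\))+)$")

# Constructed sample of what icacls prints when BUILTIN\Users can read the file.
SAMPLE_PATH = r"c:\windows\system32\config\SAM"
SAMPLE = r"""c:\windows\system32\config\SAM BUILTIN\Administrators:(I)(F)
                               NT AUTHORITY\SYSTEM:(I)(F)
                               BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""

def parse_icacls(output, path):
    """Return (principal, rights) pairs from icacls output for one path."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()   # first ACE shares a line with the path
        m = ACE_RE.match(line)
        if not m:
            continue                          # blank lines and the summary line
        tokens = set()
        for group in re.findall(r"\(([^)]+)\)", m["flags"]):
            tokens.update(group.split(","))
        aces.append((m["who"], tokens - INHERIT_FLAGS))
    return aces

def unexpected_readers(output, path):
    """Principals outside EXPECTED whose allow entry grants read access."""
    findings = []
    for who, rights in parse_icacls(output, path):
        if "DENY" in rights or "N" in rights:
            continue                          # deny / no-access entries grant nothing
        if who.lower() not in EXPECTED and rights & READ_RIGHTS:
            findings.append(who)
    return findings

if __name__ == "__main__":
    for who in unexpected_readers(SAMPLE, SAMPLE_PATH):
        print(f"{SAMPLE_PATH}: readable by {who}")
```

Feed it the text captured from the icacls command above; an empty result means only the expected principals can read the file.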

Family Time

Firewalla - Family Time

Firewalla is committed to taking back family time from social networks. One hour at a time. Our "Social Hour" feature blocks all social networks for one hour.

We all spend time on social networks. But have you ever wished that your family had a “time out” during dinner and other family occasions so that you can enjoy your time together and chat about your day?

Firewalla is with you. We’re committed to helping take back family time, one hour at a time, with our ‘Social Hour’ button. One tap and all major social networks will be blocked for one hour.


Copyright © 2019 J2 Software | Powered By Cartmell