Windows – Be4Sec

Unveiling Covert Threats: Gigabyte Systems’ Firmware Backdoor and Its Ramifications

On: 2 June 2023

In: News

Recently, the cybersecurity firm Eclypsium discovered suspected backdoor-like activities within Gigabyte systems. The platform’s heuristic detection methods uncovered the new supply chain threats, where legitimate third-party technologies are compromised. The primary concern lies with Gigabyte system firmware executing a Windows native executable during the system startup process. This executable proceedsContinue Reading

New MS OS Including AI

By: be4sec

On: 2 April 2023

In: News

With: 0 Comments

Microsoft is reportedly working on a new project, codenamed “Windows CorePC,” that aims to modernize the Windows operating system. The project incorporates ideas from previous Microsoft products, including Windows Core OS and Windows 10X. Windows CorePC will put modularity at the center of the system, allowing for flexible optimization forContinue Reading

Persistence via Creating a Windows Service

By: be4sec

On: 15 January 2023

In: RedTeam

With: 0 Comments

In this scenario, we assumed that we have a reverse shell to the victim’s machine and want persistence on the machine. For this, we will use Windows services. First, we start with creating a malicious .exe file called mal.exe with msfvenom. With this payload, we will be able to createContinue Reading

Are You Ready for EOS of Win Server 2012?

By: be4sec

On: 9 January 2023

In: BlueTeam, News

With: 0 Comments

Microsoft is ending its support of Windows Server 2012 R2 on 10th of October 2023. Its official EOS date was 9th of October 2018 but 2023 will also be the extended EOS date. Microsoft will stop providing technical support and bug fixes for newly discovered issues that may impact theContinue Reading

A New Multi-OS RAT?

By: be4sec

On: 6 July 2022

In: News, RedTeam

With: 0 Comments

A threat actor calling herself as ‘0xFF’ advertised a new RAT in HackForums. According to the threat actor, this new RAT tool is supporting Windows (amd64, i386, arm, arm64), Linux (amd64, i386, arm, arm64), Darwin (MacOS) (amd64(Intel), arm64(m1)) and Android (bin) (amd64, i386, arm, arm64). This Multi-OS RAT has featuresContinue Reading

Still Have 445 Port Open to Internet?

By: be4sec

On: 14 April 2022

In: News

With: 0 Comments

CVE-2022-26809 is a vulnerability exists within the Remote Procedure Call Runtime component in Microsoft Windows. If an attacker successfully exploits the vulnerability, then she/he could run arbitrary code on the affected system. To exploit this vulnerability, an attacker would need to send a specially crafted RPC call to an RPCContinue Reading

How to Disable IP Autoconfiguration

By: be4sec

On: 16 March 2022

In: Security

With: 2 Comments

If DHCP service is enabled and DHCP server is temporarily or permanently unavailable, TCP/IP assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the machine. This function in Windows is called “Automatic Private IP Addressing”. If you want to use static IP addresses in the machine, you needContinue Reading

How to Download Windows 11 ISO

By: be4sec

On: 20 August 2021

In: General

With: 1 Comment

Windows 11 was made available for users with Insider. Microsoft released the Windows 11 ISO file for test users today. To test Windows 11 with the Insider program, users had to update from Windows 10 build 21354. Windows 11, which is still in beta, has finally been released. It isContinue Reading

Zone Identifier Commands

By: be4sec

On: 29 July 2021

In: BlueTeam

With: 0 Comments

With Zone Identifier, we can say whether a file downloaded from internet or not. A file with zone.identifier extension is an ADS (Alternate Data Stream) file that contains information about another file. It describes the security zone for the file. Zone identifier files are generated by Internet Explorer and OutlookContinue Reading