GPO to block regsvr32 AppLocker Bypass Vulnerability

A recently discovered method of bypassing AppLocker by using regsvr32.exe poses a threat to users on Windows 7, 8/8.1, and 10 (Professional or Enterprise editions). To work around this issue and prevent regsvr32 from accessing remote resources, you can block regsvr32.exe in the Windows Firewall. Taking it a step further, I have added a new …

Crypto Ransomware CTB-Locker (Critroni.A)

Move over CryptoLocker, there’s a newer and meaner kid on the block. CTB-Locker, or Curve-Tor-Bitcoin Locker, makes use of the Tor (Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.) …

Disqus WordPress Plugin Vulnerability

A vulnerability has been discovered in the Disqus plugin for WordPress allowing for Remote Code Execution. The Disqus plugin is used on nearly 2 million WordPress blogs.

Who is Vulnerable?

A remote attacker could successfully execute remote code provided the following software version conditions are true: PHP <= 5.1.6, WordPress <= 3.1.4, Disqus Plugin <= 2.75.

How …