QueueJumper: (CVE-2023-21554) Enables Remote MSMQ Exec
What Happened? Wayne Low of Fortinet's FortiGuard Lab and Haifei Li of Check Point Research discovered a series of vulnerabilities in Windows Message Queuing (MSMQ), the most seri...
Read MoreFortinet SSL-VPN RCE Vulnerability (CVE-2022-40684) Exploited In The Wild
What Happened French cybersecurity firm Olympe Cyberdefense discovered and disclosed a zero-day vulnerability in Fortinet (CVE-2022-40684) that enables unauthenticated remote code...
Read MoreFind a User with Their Security ID in Windows
As we noted in a previous article, Windows Event Viewer displays limited information for the Event ID 4732 in XML view, leaving you with just a Security ID, and a broken Account Na...
Read MoreActive Directory Password Auditing with NtdsAudit & NThashes
Wouldn’t it be great to know if any of the accounts in your Windows Active Directory were using passwords that have been seen in breached databases? In this article, I will show ...
Read MoreEvent ID 4732: The Case of the Missing Username
Event ID 4732 - A member was added to a security-enabled local group As described, this Event ID tracks when a member — either a domain user or local user — is added to an...
Read More