Ghosts of SMB Past Tenable Research Podcast
-
- Technology
We kick things off this episode talking to David Wells about his work with the Zero Day Research Team. He tells about recent bugs he’s found in Signal and an interesting bypass method for User Account Control in Windows. Then we hear from Satnam Narang about the latest vulnerabilities and patches (spoiler: there’s a lot of ghosts and SMB).
Show References:
https://www.tenable.com/blog/microsoft-s-june-2020-patch-tuesday-addresses-129-cves-including-newly-disclosed-smbv3
https://www.tenable.com/blog/smbleed-cve-2020-1206-and-smblost-cve-2020-1301-vulnerabilities-affect-microsoft-smbv3-and
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of
https://medium.com/tenable-techblog/multiple-vulnerabilities-in-tcexam-f6ae38c6fb8a
https://medium.com/tenable-techblog/turning-signal-app-into-a-coarse-tracking-device-643eb4298447
https://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and-more-with-this-one-weird-trick-552d4bc5cc1b
https://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6e
Tenable Research on Medium - https://medium.com/tenable-techblog
We kick things off this episode talking to David Wells about his work with the Zero Day Research Team. He tells about recent bugs he’s found in Signal and an interesting bypass method for User Account Control in Windows. Then we hear from Satnam Narang about the latest vulnerabilities and patches (spoiler: there’s a lot of ghosts and SMB).
Show References:
https://www.tenable.com/blog/microsoft-s-june-2020-patch-tuesday-addresses-129-cves-including-newly-disclosed-smbv3
https://www.tenable.com/blog/smbleed-cve-2020-1206-and-smblost-cve-2020-1301-vulnerabilities-affect-microsoft-smbv3-and
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of
https://medium.com/tenable-techblog/multiple-vulnerabilities-in-tcexam-f6ae38c6fb8a
https://medium.com/tenable-techblog/turning-signal-app-into-a-coarse-tracking-device-643eb4298447
https://medium.com/tenable-techblog/bypass-windows-10-user-group-policy-and-more-with-this-one-weird-trick-552d4bc5cc1b
https://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6e
Tenable Research on Medium - https://medium.com/tenable-techblog
31 min