Virusi prin Google Chrome pe Server Message Block (SMB)

cubism code

The problem is that a Windows Explorer Shell Command File or SCF (.scf) – a text file that launches commands – requires no user action and can be used to trick Windows into an authentication attempt to a remote SMB server, which then gathers victims’ usernames and Microsoft LAN Manager (NTLMv2) password hash, Stankovic wrote.

This is enough personal data, he explained, to launch account breaches on Windows systems. For enterprises using Microsoft Exchange and which use NTLM as an authentication strategy, the bug could enable SMB relay attacks, where the bad actors could pose as the victim and thus gain access to networks without a password.

When a number of anti-virus solutions were tested, none captured the downloaded file as suspicious.

To disable automatic downloads in Google Chrome, Stankovic recommended the following preferences be checked: Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option.

Article by admin

Admin-ul e un fel de shef al site-ului. Se prespune ca stie ce face pe aici si ca ce produce, are o calitatea mai mare decat ce produc altii autori din site. Cred ca e opinia lui, una ce are invidia la baza, detinerea de informatii mai tari si mai multe decat altele detinute de ceilalti. Pana la urma categoriile din meniu definesc persoana prin domeniile puse acolo si prin scrierile din site. Persoana "Admin" a facut si a dres, are o experienta si poate fi catalogat prin ce stie, face si ce mai spune ca doreste sa faca in viitor. Un indiciu: e unamoid.

Comments: no replies

Join in: leave your comment

*