In part three of a series, GoSecure ethical hackers have found another way to exploit insecure Windows Server Update Services (WSUS) configurations. By taking advantage of the authentication provided by the Windows update client and relaying it to other domain...
This is the second blog post in a series discussing attacks leveraging Windows Server Update Services (WSUS). After having revived the classic 2015 WSUS attack in part 1 of the series by creating a tool, PyWSUS, that works on Windows 10, we started to wonder if the...
At GoSecure, we work hard to illustrate the impact of our pentest findings on our clients’ security posture. In the past few years, we found numerous organizations with vulnerable Windows Server Update Services (WSUS) deployments. However, no tool (reliable enough to...
For the sixth year, GoSecure is encouraging everyone to join Hacktoberfest. GoSecure has multiple projects open to contributions! For this specific event, we have tagged issues that are accessible to newcomers with the official tag [hacktoberfest]. Why...
For the fifth year, GoSecure is encouraging everyone to join Hacktoberfest – a month-long celebration of open-source software. GoSecure has multiple projects open to external contributions. For this event, we have tagged issues that are accessible to newcomers...
FR
