Carlo

Strongly fascinated by networks, Linux systems and Windows infrastructures. Quick learner and sharply focused. Web Application security is my sidekick of fun. _Constant, never ending student_

Posts by Carlo:

SIGRed (CVE-2020-1350) affects ALL Windows DNS Servers and leads to full domain compromise.

Yes that it is true. The high severity vulnerability identified by CVE-2020-1350, reported here, affects all versions of Windows DNS Server from 2003 to 2020 and since DNS servers are usually Domain Controllers, that results in obtaining Domain Admin privileges. SIGRed is a wormable vulnerability with a CVSSv3 score of 10.0, the highest, and triggered by […]

15 Jul 2020 in Cyber Security&Infrastructure

A Short Story of a Targeted Attack

The importance of a quick detection and response. Companies are constantly getting targeted by cyber-attacks, some of them may have important valuable customer information, production manufacturing secrets or, in general, sensitive data of all different kinds. Attacks are not always focused on stealing information, but can also aim at implanting ransomware, thus at stopping production […]

02 Jun 2020 in Cyber Security