Which platform is most secure? Android or iOS?

31 Aug 2020 in Cyber Security&Infrastructure

Sometimes, things just do not work out as planned. Last week’s Truesec Tech Talk was one of those things. We are sorry that some of our viewers did experience technical difficulties connecting – and that our demos did not play accordingly. We have investigated the issues and are working closely with the platform provider to […]

ConfigMgr Patch Reporting – Challenges

30 Jul 2020 in Infrastructure

I’ve spoken all around the world about different patching challenges. Somehow even after years of patching, reporting is still a challenge. Today, I want to take a different tack, and instead of attacking the technical aspects try to explain the higher-level challenges for management. To do this we are going to approach this from two […]

Invoke-WebRequest or Invoke-RestMethod?

29 Jul 2020 in Infrastructure

So, you want to play with that shiny new ReST API you’ve discovered but in doing research on consuming ReST APIs with PowerShell you’ve discovered two different cmdlets. Which one do I use? Which one is best? These are the same questions I had about 8 months ago. Invoke-WebRequest The Invoke-WebRequest cmdlet sends HTTP, HTTPS, FTP, and […]

Finding DNS Servers

29 Jul 2020 in Cyber Security&Infrastructure

This past month there was a RUSH to patch every single Windows based DNS server in every organization. Something quickly asked was “Did we get them all?”. For some organizations, you see the phrase “finding DNS,” and you find it crazy. However, at larger global organizations, it may be a real challenge. What do you […]

SIGRed (CVE-2020-1350) affects ALL Windows DNS Servers and leads to full domain compromise.

15 Jul 2020 in Cyber Security&Infrastructure

Yes that it is true. The high severity vulnerability identified by CVE-2020-1350, reported here, affects all versions of Windows DNS Server from 2003 to 2020 and since DNS servers are usually Domain Controllers, that results in obtaining Domain Admin privileges. SIGRed is a wormable vulnerability with a CVSSv3 score of 10.0, the highest, and triggered by […]