January 2021

Bad Combination

Microsoft Defender Remote Code Execution Vulnerability CVE-2021-1647. This is what many security professionals have been dreading. M$ Defender is on by default on all builds; installing patches turns it back on; some companies force it to be on. It has system level authority which is 1 level better than administrator. Combine that with the unwillingness …


OnSite Box Hardware

I’m defining an onsite box as some hardware that can be shipped to the client for them to plug in. The box makes an outbound connection so it doesn’t need any special firewall rules. Requirements and benefits: small & light; this needs to be shipped with minimal expense. powerful; this box will need to run ESXi + …


Evil Amazon Hardware?

Had an instance of an Amazon Firestick attempting to send a bunch of email on TCP25 (the device could have been using TCP25 for other traffic, as this port is rarely blocked). The email header didn’t match and just had a bunch of gibberish in it. Eventually we got put on multiple blacklists because of …
