Microsoft Has Already Patched a Vulnerability in Windows RDP Twice

This week, CyberArk researchers shared technical information about a named pipe RDP (Remote Desktop Protocol) vulnerability in Windows, for which Microsoft had to release two patches. The RCE vulnerability CVE-2022-21893 was fixed on January 2022 Patch Tuesday, but the attack vector was not fixed. In April 2022, Microsoft already fixed the new bug CVE-2022-24533. Let… Continue reading Microsoft Has Already Patched a Vulnerability in Windows RDP Twice

Expert hacked 70% of Wi-Fi networks in Tel Aviv for research

CyberArk specialist Ido Hoorvitch hacked 70% of Wi-Fi networks in his native Tel Aviv, seeking to prove that home networks are poorly secured and easily compromised. To conduct the experiment, Horwich walked around town with sniffing equipment and collected data from 5,000 network hashes. Next, he exploited a vulnerability to obtain the PMKID hash normally… Continue reading Expert hacked 70% of Wi-Fi networks in Tel Aviv for research

Researchers trick Windows Hello with infrared image

CyberArk researchers tricked the Windows Hello biometric authentication system that is included in all versions of Windows 10 using an infrared image of the device owner. Researcher Omer Tsarfati says the root of the problem lies in the way Windows Hello handles data from USB-connected webcams. While Windows Hello only works with webcams that have… Continue reading Researchers trick Windows Hello with infrared image