I enjoy security, technology, learning, books, & the great outdoors.
Trying to be human & kind.
Active Directory & Identity Security as a career.
Opinions = mine.
GitHub: https://github.com/JimSycurity
Twitter (not checked often): https://twitter.com/JimSycurity
Location: United States, Minnesota, Rural
Pronouns: He/Him/Hän
Bluesky: https://bsky.app/profile/jimsycurity.adminsdholder.com

@GossiTheDog @jernej__s
Eh, I should have trusted my original skepticism.
The original 0x80070643 error I saw for KB5057589 didn't have anything to do with the existence of C:\inetpub
That is, I cannot confirm any rumor of the existence of C:\inetpub interfering with any of April's security updates. And if one did happen to create C:\inetpub as a normal user, installing April's updates will tighten up the ACLs. 🤷‍♂️

The only thing of interest here is:
While KB5057589 is indeed listed as a "Security Update", I can find no information of what CVE(s) it fixes. 🤔

Put up the slides for my Bluehat 2024 presentation on improvements to OleView.NET https://github.com/tyranid/infosec-presentations/blob/master/Bluehat/2024/DCOM%20Research%20for%20Everyone!.pdf You can also grab v1.15 of OleView.NET from the PS Gallery which has the new features to generate proxy clients on the fly.

Today on the Trimarc Twitch Happy Hour!

@jeffmcjunkin is joining us to talk about Tech Debt and how to abolish it.

Also, apparently Dev's name is pronounced "Dave" in Hindi.

2p ET

https://twitch.tv/TwitchSecurity

Okay, so I did a quick dive into sudo in Windows and here are my initial findings. https://www.tiraniddo.dev/2024/02/sudo-on-windows-quick-rundown.html

The main takeaway is, writing Rust won't save you from logical bugs :)

New Year, New Release!

BlueTuxedo, a tiny tool built to find and fix misconfigurations in Active Directory-integrated DNS, is now at a place where it can start getting "official releases" - whatever that means for a tool worked on during spare time with no real commitment! Expect a release more-or-less monthly unless life happens.

In this release, we added more information about what BlueTuxedo actually IS to the README, added a couple checks, and improved DHCP server identification. Also, BlueTuxedo is now available in the PowerShell Gallery for ease of installation!

Improvements:

  • New Data Collected:
    • DnsUpdateProxy group membership
    • Name Protection on DHCP servers
  • New Checks:
    • Do ADI DNS zones enforce secure updates?
    • Is the DnsUpdateProxy group membership >0?
  • Published to PSGallery

Known Issues:

  • Certain multi-domain forest configurations result in inability to enumerate ADI Zones.

Contributors to this release:
@horse (code)
@JimSycurity (research and testing)

Grab it from here: https://github.com/TrimarcJake/BlueTuxedo/releases/tag/2024.1

@JimSycurity and I did a thing.

BlueTuxedo will help you do the following:
- Audit your Active Directory-integrated DNS - including things that aren't visible in the DNS snap-in!
- Identify common misconfigurations
- Fix identified issues

https://github.com/TrimarcJake/BlueTuxedo

@mjg59 I get the impression that so many products and systems are designed to only support the notion of a 1-1 user to device relationship, and just assume that relationship.

As if shared devices, kiosks, classrooms, etc never existed. Only a single laptop assigned to a single human with an unholy bond that shall never be broken (until their laptop is replaced or reimaged & everything goes south).

Even a lot of Microsoft products and systems basically assume this 1-1 device married to a user relationship.

And it's even more frustrating when security solutions that ought to know better make similar assumptions.

An admin account logged on via a secure access workstation = normal. That same admin account logged on to a daily driver PC should be a red flag.

@egypt
At least they don't (usually) crumple and wad the bills all up and drop them in your hand?

VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication on unpatched systems.

https://www.bleepingcomputer.com/news/security/vmware-fixes-vcenter-server-bugs-allowing-code-execution-auth-bypass/
