2019-008-windows retpoline patches, PSremoting, underthewire, thunderclap vuln

56:01
 
Share
 

Fetch error

Hmmm there seems to be a problem fetching this series right now. Last successful fetch was on May 20, 2019 23:18 (2d ago)

What now? This series will be checked again in the next hour. If you believe it should be working, please verify the publisher's feed link below is valid and includes actual episode links. You can contact support to request the feed be immediately fetched.

Manage episode 228478926 series 124251
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

BrakeingDownIR show #10

GrumpySec appearance?

https://support.microsoft.com/en-us/help/4482887/windows-10-update-kb4482887

https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Mitigating-Spectre-variant-2-with-Retpoline-on-Windows/ba-p/295618

https://blogs.technet.microsoft.com/srd/2018/03/15/mitigating-speculative-execution-side-channel-hardware-vulnerabilities/

“Microsoft has added support for the /Qspectre flag to Visual C++ which currently enables some narrow compile-time static analysis to identify at-risk code sequences related to CVE-2017-5753 and insert speculation barrier instructions. This flag has been used to rebuild at-risk code in Windows and was released with our January 2018 security updates. It is important to note, however, that the Visual C++ compiler cannot guarantee complete coverage for CVE-2017-5753 which means instances of this vulnerability may still exist.’

Retpoline = “Return Trampoline”

“That’s because when using return operations, any associated speculative execution will 'bounce' endlessly.”

https://www.tomshardware.com/news/retpoline-patch-spectre-windows-10,37958.html

Cool site (Andrei) *long time podcast supporter*

UndertheWire.tech - powershell wargame

---

PSRemoting -https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/enable-psremoting?view=powershell-6

https://www.howtogeek.com/117192/how-to-run-powershell-commands-on-remote-computers/

https://blogs.technet.microsoft.com/askperf/2012/02/17/useful-wmic-queries/

Caveats:Network connection you’re on must be set to “private”, not public

WinRM service has to be enabled on both the local and remote hosts (at least, I think so --brbr)

https://www.engadget.com/2019/02/27/dow-jones-watchlist-leaked/

http://time.com/5349896/23andme-glaxo-smith-kline/

http://thunderclap.io/

https://int3.cc/products/facedancer21 - USB

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#Brakesec Store!:https://www.teepublic.com/user/bdspodcast

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

277 episodes available. A new episode about every 7 days averaging 51 mins duration .