Windows ‘Downdate’ Attack Reverts Patched PCs to a Vulnerable State

October 28, 2024 at 05:51PM Windows 11 systems, even when fully patched, can be compromised through a technique demonstrated by SafeBreach’s Alon Leviev. His Windows Downdate tool allows attackers with admin access to downgrade critical OS components back to vulnerable versions, exposing systems to potential rootkit installation and exploitation. Microsoft is developing mitigations to address …

Windows Downdate tool lets you ‘unpatch’ Windows systems

August 27, 2024 at 01:22PM SafeBreach security researcher Alon Leviev has developed the Windows Downdate tool to enable downgrade attacks on current Windows 10, Windows 11, and Windows Server systems, reintroducing old vulnerabilities. This tool …
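Both Downdate entries above (October 28 and August 27) describe the same failure mode: a privileged attacker swaps current OS components for older, still Microsoft-signed releases, so signature checks pass and the host keeps reporting itself as up to date. The practical check is therefore a version comparison, not a signature check. The script below is an added example written for this page; it is not part of Windows Downdate, SafeBreach’s research, or Microsoft’s published guidance. The function name, the parameter names, and the list of binaries it inspects are illustrative choices; the expected build and UBR values should come from patch management or a known-good host rather than from the host being checked, because a downgraded machine may misreport its own version.

```powershell
# Added example (not from the articles or from SafeBreach): coarse detection of
# rolled-back Windows components by comparing file build.UBR against the
# build.UBR the host is supposed to be running.
#
# Assumptions (illustrative, not from the page):
#   - $Paths is a sample selection of security-critical binaries; extend it.
#   - Supply -ExpectedBuild/-ExpectedUbr from a trusted source; the registry
#     fallback is weaker evidence on a possibly downgraded host.
function Test-DowngradedComponents {
    [CmdletBinding()]
    param(
        [int]$ExpectedBuild,
        [int]$ExpectedUbr,
        [string[]]$Paths = @(
            "$env:SystemRoot\System32\ntoskrnl.exe",
            "$env:SystemRoot\System32\securekernel.exe",
            "$env:SystemRoot\System32\ci.dll",
            "$env:SystemRoot\System32\skci.dll",
            "$env:SystemRoot\System32\hvix64.exe",
            "$env:SystemRoot\System32\hvax64.exe",
            "$env:SystemRoot\System32\winload.efi"
        )
    )

    # Fallback: read what the host claims about itself, and warn that this is
    # exactly the value an attacker controlling the machine can leave misleading.
    if (-not $PSBoundParameters.ContainsKey('ExpectedBuild') -or
        -not $PSBoundParameters.ContainsKey('ExpectedUbr')) {
        $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
        if (-not $PSBoundParameters.ContainsKey('ExpectedBuild')) { $ExpectedBuild = [int]$cv.CurrentBuildNumber }
        if (-not $PSBoundParameters.ContainsKey('ExpectedUbr'))   { $ExpectedUbr   = [int]$cv.UBR }
        Write-Warning "Expected version taken from this host's own registry; prefer a value from patch management."
    }

    foreach ($p in $Paths) {
        # Skip binaries that are legitimately absent on this host.
        if (-not (Test-Path -LiteralPath $p)) { continue }

        $vi    = (Get-Item -LiteralPath $p).VersionInfo
        $build = $vi.FileBuildPart      # e.g. 22631
        $ubr   = $vi.FilePrivatePart    # e.g. 4317

        $status = if ($build -lt $ExpectedBuild) { 'OLDER_BUILD' }
                  elseif ($build -eq $ExpectedBuild -and $ubr -lt $ExpectedUbr) { 'OLDER_UBR' }
                  else { 'OK' }

        # A downgraded file is a genuine older Microsoft release, so Authenticode
        # still reports Valid. It is shown here to make that point, not as a signal.
        $sig = (Get-AuthenticodeSignature -LiteralPath $p).Status

        [pscustomobject]@{
            Path      = $p
            Version   = "$($vi.FileMajorPart).$($vi.FileMinorPart).$build.$ubr"
            Expected  = "$ExpectedBuild.$ExpectedUbr"
            Status    = $status
            Signature = $sig
        }
    }
}

# Example invocation (build/UBR values are placeholders, substitute your baseline):
# Test-DowngradedComponents -ExpectedBuild 22631 -ExpectedUbr 4317 |
#     Where-Object Status -ne 'OK' | Format-Table -AutoSize
```

Read the output with two caveats. An OLDER_BUILD on any core binary, or an OLDER_UBR on the kernel, Secure Kernel, or code-integrity modules, is worth an incident ticket, since those files are serviced in practically every cumulative update. An OLDER_UBR on a less frequently serviced component can be benign, because a cumulative update only bumps the version of files it actually changed; compare against the versions recorded on a reference host at the same patch level before concluding anything. The check also only covers the components you list; it says nothing about files, boot configuration, or virtualization-based security settings an attacker may have altered alongside the rollback.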

Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility

August 12, 2024 at 11:54AM Vulnerabilities in Google’s Quick Share utility allowed man-in-the-middle attacks and unauthorized file transfers to Windows devices. SafeBreach discovered 10 vulnerabilities, prompting two CVEs, and detailed their findings at DEF CON 32. The flaws have been addressed, but the utility remains under scrutiny. A scheduled task vulnerability was also exploited. The …

Windows Update downgrade attack “unpatches” fully-updated systems

August 7, 2024 at 04:31PM SafeBreach security researcher Alon Leviev disclosed at Black Hat 2024 two unpatched zero-days that can be exploited in downgrade attacks on up-to-date Windows 10, 11, and Windows Server systems. Microsoft issued advisories for CVE-2024-38202 and CVE-2024-21302, providing mitigation guidance. The vulnerabilities allow for system compromise, making fully patched systems susceptible …

Research Shows How Attackers Can Abuse EDR Security Products

April 22, 2024 at 10:45AM SafeBreach security researcher Shmuel Cohen demonstrated how endpoint detection and response (EDR) solutions, such as Palo Alto Networks’ Cortex XDR, could be manipulated into malicious offensive tools. Cohen identified weaknesses, allowing an attacker to deploy ransomware, elevate privileges, and remain undetected. Palo Alto Networks addressed these issues with automatic content …