Month: October 2024


Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond EBook

The Windows Downdate attack, as detailed in the sources, hinges on the manipulation of the Windows Update process to achieve a persistent, invisible, and undetectable downgrade of critical system components. The attacker exploits a vulnerability in the update process by crafting a malicious action list (Pending.xml) that instructs the system to replace specific files with …



Windows Downdate: Downgrade Attacks Using Windows Updates and Beyond

The “Windows Downdate” vulnerability, identified and demonstrated by researcher Alon Leviev, is a downgrade attack technique that leverages Windows Update mechanisms to reintroduce older, vulnerable versions of system files. By circumventing normal update verification checks, this attack allows malicious actors to downgrade essential system components like the Windows kernel, Hyper-V hypervisor, and other critical drivers, …



Art of Post-Exploitation

Post-exploitation in red teaming involves navigating and exploiting a compromised system to achieve deeper control and further access to sensitive data and networks. This phase follows initial access and lateral movement, focusing on persistence, privilege escalation, and data exfiltration. Key techniques include system enumeration to gather information such as running processes, installed software, and user …

