all InfoSec news
Rooting out Risky SCCM Configs with Misconfiguration Manager
Security Boulevard securityboulevard.com
tl;dr: I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager.
Ever since Garrett Foster, Duane Michael, and I released Misconfiguration Manager at SO-CON last month, we’ve had tons of great conversations with people interested in finding and fixing configurations that leave an SCCM environment vulnerable to attack, including those that allow complete takeover of a default hierarchy with a remote site database in two commands.
Although we detailed how to carry out, …
attack con conversations elevate environment garrett great identify information security manager michael misconfiguration people red team research sccm script social engineering takeover vulnerable