all InfoSec news
Rooting out Risky SCCM Configs with Misconfiguration Manager
Malware Analysis, News and Indicators - Latest topics malware.news
tl;dr: I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager.
Ever since Garrett Foster, Duane Michael, and I released Misconfiguration Manager at SO-CON last month, we’ve had tons of great conversations with people interested in finding and fixing configurations that leave an SCCM environment vulnerable to attack, including those that allow complete takeover of a default hierarchy with a remote site database in two commands.
Although we detailed how to carry out, …
attack con conversations elevate environment garrett great identify manager michael misconfiguration people sccm script takeover vulnerable