endpoint security
5 posts
Article
Your endpoint agent is the intrusion vector.
Two Microsoft Defender vulnerabilities are under active exploitation. One grants full SYSTEM. CISA deadline June 3. What to verify now.
Article
MiniPlasma PoC hands attackers SYSTEM on Windows
Public PoC for the MiniPlasma Windows flaw yields SYSTEM execution. What the local privilege boundary failure means for endpoint control posture.
Article
The patch shipped. The install didn't.
Microsoft confirmed Windows 11 security updates are failing to install. Patch state is now a claim, not a measurement. Verify out-of-band.
Article
RedSun turned Defender into a write primitive
RedSun turned Windows Defender's remediation path into a SYSTEM-level write primitive. The mechanism, the class, and what it exposes.
Article
Paying the ransom buys nothing here.
A ransomware build that destroys files is a wiper. The defensive failure is execution authority over data, not cryptography.