#bluehammer — Public Fediverse posts

We'll install MS Defender on your VMs, they said.
It will make them more secure, they said.

#infosec #Defender #MicrosoftDefender
#RedSun #BlueHammer #UnDefend

#CISA orders feds to patch #BlueHammer flaw exploited as zero-day

https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-microsoft-defender-flaw-exploited-in-zero-day-attacks/

#cybersecurity

This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse

https://fed.brid.gy/r/https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/

This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse

https://web.brid.gy/r/https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/

This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse

https://fed.brid.gy/r/https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/

This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse

https://web.brid.gy/r/https://hackaday.com/2026/04/24/this-week-in-security-annoyed-researchers-dangling-dns-and-hacks-that-could-have-been-worse/

Ungepatchte #Windows :windows: -Zero-Days #RedSun, #UnDefend und #BlueHammer werden attackiert | Security https://www.heise.de/news/Ungepatchte-Windows-Zero-Days-RedSun-UnDefend-und-BlueHammer-werden-attackiert-11263691.html #exploit #ZeroDay #0day

Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:

Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:

Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:

Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:

#BlueHammer wurde zum 14. April 2026 als Defender Schwachstelle gepatcht. Hier meine Nachlese samt Link auf eine Fortra-Analyse.

https://borncity.com/blog/2026/04/16/bluehammer-nachlese-defender-patch-vom-14-4-2026-und-analyse-von-fortra/

Pissing off a hacker is never a good idea. The #BlueHammer researcher has dropped another one, abusing Microsoft Defender's dorky behaviour to gain NT Authority privileges.
https://github.com/Nightmare-Eclipse/RedSun
#Security #Microsoft #Windows #RedSun

Fully exploitable Windows Defender vulnerability with full source code public for >8 days no CVE assigned so far (BlueHammer).

Writeup: https://hackingpassion.com/bluehammer-windows-defender-zero-day/

Full source code: https://github.com/Nightmare-Eclipse/BlueHammer

/cc @bsi Was ist eigentlich der "Prozess" für vollständig öffentliche Lücken zu denen es seit über einer Woche noch nicht einmal eine CVE Nummer gibt?

Edit: Patch and CVE number CVE-2026-33825 available by now. Took 6 days though.

#infosec #itsec #Microsoft #WindowsDefender #BlueHammer

Recently this popped up, #Bluehammer a #Windows exploit that exploits Windows Defender for a local privilege elevation

From user to system level..

It triggers a Defender scan and locks that after, so it can access a certain database that is been backed up while Defender scans to gain system level access

GitHub now gives a warning for the repo it seems:
https://github.com/Nightmare-Eclipse/BlueHammer

Just be careful

Patch Tuesday, April 2026 Edition

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable

Patch Tuesday, April 2026 Edition

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable

Patch Tuesday, April 2026 Edition

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable

Patch Tuesday, April 2026 Edition

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable

Patch Tuesday, April 2026 Edition

https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/

#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable

@wdormann Of course Microsoft used their GitHub ownership to remove the repo instead of fixing both problems (the exploit and the video requirement).

#bluehammer #github #censorship #responsibledisclosure

BlueHammer abuses Windows Defender's update process to gain SYSTEM access

https://hackingpassion.com/bluehammer-windows-defender-zero-day/

#HackerNews #BlueHammer #WindowsDefender #ZeroDay #Cybersecurity #Vulnerability #HackingNews

#BlueHammer 0-day Schwachstelle im Windows Defender ermöglicht Systemübernahme.

https://borncity.com/blog/2026/04/09/bluehammer-windows-0-day-schwachstelle/

Researcher drops #zeroday exploit, probably because researcher was pi**ed that #Microsoft required to send in a video.

#bluehammer

https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/

„#BlueHammer“: #ZeroDay-Lücke in #Windows :windows: verschafft erhöhte Rechte | Security https://www.heise.de/news/BlueHammer-Zero-Day-Luecke-in-Windows-verschafft-erhoehte-Rechte-11246762.html #Microsoft #Exploit #MicrosoftWindows :windows:

Disgruntled researcher leaks “#BlueHammer” #Windows zero-day exploit

https://www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/

#cybersecurity