TWCN Tech News

How to configure WinRM via GPO on Windows computers

WinRM, or Windows Remote Management, is a Microsoft protocol that enables remote management of computers. It is an implementation of the WS-Management Protocol for managing Windows desktops and ...
Bleeping Computer

Wormable Windows HTTP vulnerability also affects WinRM servers

A wormable vulnerability in the HTTP Protocol Stack of the Windows IIS server can also be used to attack unpatched Windows 10 and Server systems publicly exposing the WinRM (Windows Remote Management) ...
Redmond Magazine

First Look: WinRM & WinRS

In August we discussed how to set up event log subscriptions to forward log data from one Windows Vista or Windows Server 2008 computer to another. Part of configuring that subscription involves ...
TWCN Tech News

How to Remotely Restart a Windows computer using PowerShell

Every now and then, most especially, a system administrator will need to restart a server or system. Usually, you can Remote Shut down or Restart Windows through the graphical user interface – ...
Bleeping Computer

CredSSP Vulnerability Affects RDP and WinRM on All Windows Versions

The March 2018 Patch Tuesday contains a fix for a severe vulnerability affecting the CredSSP protocol; a vulnerability that affects all Windows versions ever released. Security researchers from ...
CSOonline

How to use PowerShell to scan for Windows 10 security updates

With Windows 10, you can no longer do a quick-and-dirty scan for updates from the GUI without triggering the detection and installation of those updates. The same holds true for Server 2016 or Server ...
CSOonline

How to enable event collection in Windows Server

SIEM and SOAR allow enterprises to collect and correlate log event data but may not be the ideal choice for every organization. Microsoft’s Windows Event Forwarding aggregates system event logs from ...