Get a Pentest and security assessment of your IT network.

Cyber Security

Windows 10 ‘Finger’ command can be abused to download or steal files

Microsoft Windows TCPIP Finger command can also function as a file downloader and a makeshift command and control server that can serve for sending commands and exfiltrating data. Windows Defender antivirus built into Windows can download arbitrary files using the -DownloadFile command-line argument, added either in version 4.18.2007.9 or 418.1818.2009.9. The latest addition is finger.exe, a command that ships with Windows to retrieve information about users on remote computers running Finger service or daemon.

Source: https://www.bleepingcomputer.com/news/security/windows-10-finger-command-can-be-abused-to-download-or-steal-files/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation