Top Legacy Active Directory Infrastructure Vulnerabilities and How Attackers See Them
By Tammy Mindel, Security Product Manager at Semperis Microsoft Active Directory (AD) has become a highly lucrative target […] The…
New PsExec spinoff lets hackers bypass network security defenses
Security researchers have developed an implementation of the Sysinternals PsExec utility that allows moving laterally in a network using a…
CISA orders agencies to patch Windows LSA bug exploited in the wild
CISA has re-added a security bug affecting Windows devices to its list of bugs exploited in the wild after removing…
New DFSCoerce NTLM Relay attack allows Windows domain takeover
A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely…
CISA warns not to install May Windows updates on domain controllers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities…
Microsoft fixes new PetitPotam Windows NTLM Relay attack vector
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for…
Microsoft Patch Tuesday, May 2022 Edition
Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software.…