17 matches found
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...
SUSE CVE-2021-42287
unknown...
noPac - Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chain positional arguments: domain/username:password Account used to authenticate to DC. optional arguments: -h, --help show thi...
Microsoft Windows Active Directory Privilege Escalation Multiple Vulnerabilities (CVE-2021-42278; CVE-2021-42287)
Multiple Privilege Escalation vulnerabilities exists in Microsoft Windows Active Directory. Successful exploitation of this vulnerability could allow a remote attacker to easily elevate their privilege to that of a domain admin once he compromise a regular user in the domain...
Two Active Directory Bugs Lead to Easy Windows Domain Takeover
A proof-of-concept tool has been published that leverages two Windows Active Directory bugs fixed last month that, when chained, can allow easy Windows domain takeover. In a Monday alert, Microsoft urged organizations to immediately patch the pair of bugs, tracked as CVE-2021-42287 and...
CVE-2021-42287
creationtimestamp| type| source ---|---|--- 2021-12-11 19:44:35+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/952 2021-12-11 20:46:13+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/1328 2021-12-12 14:54:29+00:00| published-proof-of-concept| https://t.me/m1swarr1or/29...
Exploit for CVE-2021-42278
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA f...
Exploit for CVE-2021-42278
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA f...
CVE-2021-42287
Active Directory Domain Services Elevation of Privilege Vulnerability...
CVE-2021-42287 Active Directory Domain Services Elevation of Privilege Vulnerability
...
CVE-2021-42287 Active Directory Domain Services Elevation of Privilege Vulnerability
...
CVE-2021-42287
CVE-2021-42287 is an Active Directory Domain Services privilege-escalation vulnerability. Connected documents corroborate it as part of a vulnerability family targeting domain controllers (CVE-2021-42278/42287) and describe exploitation via impersonation from a standard domain user to a DA, inclu...
CVE-2021-42287
Active Directory Domain Services Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Microsoft Windows Multiple Vulnerabilities (KB5007192)
This host is missing a critical security update according to Microsoft KB5007192 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB5007192: Windows 10 Version 1607 and Windows Server 2016 Security Update (November 2021)
The remote Windows host is missing security update 5007192. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665, CVE-2021-41371 - A remote code...
KB5007245: Windows Server 2012 Security Update (November 2021)
The remote Windows host is missing security update 5007245 or cumulative update 5007245. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2021-41366, CVE-2021-41367, CVE-2021-41370,...
KB5007233: Windows 7 and Windows Server 2008 R2 Security Update (November 2021)
The remote Windows host is missing security update 5007233 or cumulative update 5007236. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. CVE-2021-38631, CVE-2021-38665,...