Lucene search
K

206 matches found

The Hacker News
The Hacker News
added 2021/12/22 7:1 a.m.64 views

Active Directory Bugs Could Let hackers Take Over Windows Domain Controllers

Microsoft is urging customers to patch two security vulnerabilities in Active Directory domain controllers that it addressed in November following the availability of a proof-of-concept PoC tool on December 12. The two vulnerabilities — tracked as CVE-2021-42278 and CVE-2021-42287 — have a severi...

8.8CVSS0.7AI score0.74265EPSS
Exploits10
Microsoft KB
Microsoft KB
added 2021/11/14 12:0 a.m.5 views

KB5008603: Authentication fails on domain controllers in certain Kerberos scenarios on Windows Server 2012 R2

KB5008603: Authentication fails on domain controllers in certain Kerberos scenarios on Windows Server 2012 R2 Summary This update addresses the following issue: Addresses a known issue that might cause authentication failures related to Kerberos tickets you acquired from Service for User to Self...

6.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/11/14 12:0 a.m.5 views

November 14, 2021—KB5008601 (OS Build 14393.4771) Out-of-band

November 14, 2021—KB5008601 OS Build 14393.4771 Out-of-band 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release kno...

6.9AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/11/14 12:0 a.m.6 views

KB5008606: Authentication fails on domain controllers in certain Kerberos scenarios on Windows Server 2008 SP2

KB5008606: Authentication fails on domain controllers in certain Kerberos scenarios on Windows Server 2008 SP2 Summary This update addresses the following issue: Addresses a known issue that might cause authentication failures related to Kerberos tickets you acquired from Service for User to Self...

6.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2021/11/14 12:0 a.m.12 views

November 14, 2021—KB5008602(OS Build 17763.2305) Out-of-band

November 14, 2021—KB5008602OS Build 17763.2305 Out-of-band 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release know...

6.9AI score
Exploits0
Gitee
Gitee
added 2021/10/17 12:0 a.m.13 views

Active-Directory-Exploitation-Cheat-Sheet

This is a cheat sheet for Windows Active Directory exploitation, containing common enumeration and attack methods. The repository is a collection of PowerShell scripts and modules that can be used to perform various attacks on Active Directory, including domain enumeration, lateral movement, and...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/08/25 1:0 p.m.19 views

Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions

A financially motivated threat actor notorious for setting its sights on retail, hospitality, and entertainment industries has been observed deploying a completely new backdoor on infected systems, indicating the operators are continuously retooling their malware arsenal to avoid detection and st...

1.1AI score
Exploits0
GithubExploit
GithubExploit
added 2021/08/14 9:5 p.m.179 views

Exploit for Improper Authentication in Microsoft

PoC exploit for CVE-2021-36949, a vulnerability in Azure AD Conn...

7.1CVSS7.1AI score0.01204EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/08/03 11:27 a.m.51 views

Chinese Hackers Target Major Southeast Asian Telecom Companies

Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. "The goal of the attackers behind these...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/07/29 12:0 a.m.33 views

AD Starter Scan - Unconstrained delegation

Binary data adsikerberosdeleg.nbin...

7.3AI score
Exploits0References3
HackRead
HackRead
added 2021/07/27 7:6 p.m.61 views

Microsoft warns of PetitPotam attack taking over Windows domains

By Deeba Ahmed Experts reveal that the PetitPotam attack forces remote Windows servers such as Domain Controllers to validate a malicious destination. This is a post from HackRead.com Read the original post: Microsoft warns of PetitPotam attack taking over Windows domains...

4.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/26 7:16 a.m.242 views

New PetitPotam NTLM Relay Attack Lets Hackers Take Over Windows Domains

A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to stage an NTLM relay attack and completely take over a Windows domain. The...

0.9AI score
Exploits0
Gitee
Gitee
added 2021/07/25 4:14 p.m.25 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472 ZeroLogon vulnerability. The target product/service is Windows Domain Controller DC. The vulnerability class/vector is authentication bypass via all-zero challenge. The probable entry point is the Netlogon service, which is accessed via the Impacket library. Notable...

10CVSS7.8AI score0.99512EPSS
Exploits75
Microsoft KB
Microsoft KB
added 2021/07/13 7:0 a.m.84 views

July 13, 2021—KB5004289 (Monthly Rollup)

July 13, 2021—KB5004289 Monthly Rollup Important: Windows 7 and Windows Server 2008 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases known as "C" releases for this operating system...

9.8CVSS8.3AI score0.3067EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/07/08 9:32 a.m.2468 views

How to Mitigate Microsoft Print Spooler Vulnerability – PrintNightmare

This week, PrintNightmare - Microsoft's Print Spooler vulnerability CVE-2021-34527 was upgraded from a 'Low' criticality to a 'Critical' criticality. This is due to a Proof of Concept published on GitHub, which attackers could potentially leverage for gaining access to Domain Controllers. As we...

9CVSS0.99759EPSS
Exploits41
Gitee
Gitee
added 2021/07/07 8:29 p.m.14 views

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempt to perform a Netlogon authentication bypass. It targets the Netlogon service on a domain controller and sen...

10CVSS7.5AI score0.99512EPSS
Exploits75
ThreatPost
ThreatPost
added 2021/07/02 12:21 p.m.382 views

CISA Offers New Mitigation for PrintNightmare Bug

The U.S. government has stepped in to offer a mitigation for a critical remote code execution RCE vulnerability in the Windows Print Spooler service that may not have been fully patched by Microsoft’s initial effort to fix it. To mitigate the bug, dubbed PrintNightmare, the CERT Coordination Cent...

9.3CVSS9.3AI score0.99759EPSS
Exploits75References9
GithubExploit
GithubExploit
added 2021/06/30 6:32 p.m.171 views

Exploit for CVE-2021-1675

From Lares Labs: Detection & Remedia...

9.3CVSS8.8AI score0.99759EPSS
Exploits75
CISA
CISA
added 2021/06/30 12:0 a.m.148 views

PrintNightmare, Critical Windows Print Spooler Vulnerability

Updated July 2, 2021 For new information and mitigations, see Microsoft's updated guidance for the Print spooler vulnerability CVE-2021-34527. Updated July 1, 2021 See Microsoft's new guidance for the Print spooler vulnerability CVE-2021-34527 and apply the necessary workarounds. Original post Ju...

9.3CVSS2.2AI score0.99759EPSS
Exploits75References5
Tenable Nessus
Tenable Nessus
added 2021/05/18 12:0 a.m.17 views

EulerOS 2.0 SP5 : bind (EulerOS-SA-2021-1894)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's...

8.1CVSS7.2AI score0.64161EPSS
Exploits0References2
Rows per page
Query Builder