16 matches found
EUVD-2021-16119
Malware in sbrugna...
EUVD-2013-0308
Malware in sbrugna...
EUVD-2022-40030
Malicious code in bioql PyPI...
CVE-2025-4573 LDAP Injection in Mattermost Enterprise Edition When Using Active Directory
Mattermost versions 10.7.x = 10.7.1, 10.6.x = 10.6.3, 10.5.x = 10.5.4, 9.11.x = 9.11.13 fail to properly validate LDAP group ID attributes, allowing an authenticated administrator with PermissionSysconsoleWriteUserManagementGroups permission to execute LDAP search filter injection via the PUT...
Metasploit 2024 Annual Wrap-Up
Another year has come and gone, and the Metasploit team has taken some time to review the year’s notable additions. This year saw some great new features added, Metasploit 6.4 released and a slew of new modules. We’re grateful to the community members new and old that have submitted modules and...
ASD’s ACSC, CISA, and US and International Partners Release Guidance on Detecting and Mitigating Active Directory Compromises
Today, the Australian Signals Directorate Australian Cyber Security Centre ASD ACSC, the Cybersecurity and Infrastructure Security Agency CISA, and other U.S. and international partners released the joint guide Detecting and Mitigating Active Directory Compromiseslink is external. This guide...
AS-REP Roasting
Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server… Continue reading - AS-REP Roasting...
CVE-2023-36871
Azure Active Directory Security Feature Bypass Vulnerability...
Five Eyes Alliance Advisory & Using Threat Intelligence
Trellix Global Defenders: Five Eyes Alliance Advisory and Using Threat Intelligence to Protect Against Future Attacks By Taylor Mullins · May 6, 2022 Evolving intelligence continues to indicate that the Russian government is exploring options to launch cyberattacks in retaliation against...
A week in security (June 21 – June 27)
Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...
LIVE Webinar on Zerologon Vulnerability: Technical Analysis and Detection
I am sure that many of you have by now heard of a recently disclosed critical Windows server vulnerability—called Zerologon—that could let hackers completely take over enterprise networks. For those unaware, in brief, all supported versions of the Windows Server operating systems are vulnerable t...
PingCastle - Get Active Directory Security At 80% In 20% Of The Time
The risk level regarding Active Directory security has changed. Several vulnerabilities have been made popular with tools like mimikatz or sites likes adsecurity.org. Ping Castle is a tool designed to assess quickly the Active Directory security level with a methodology based on risk assessment a...
EUVD-2018-1681
A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings, aka "Active Directory Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers...
SAML with limit visibility on the application on the Delivery Controller using a Security Group
When we publish new App in Delivery Group that uses SAML and set limit visibility on the application for an Active Directory Security Group, application icon will not enumerate. The application will enumerate when through Storefront Server. If user is added explicitly to the application visibilit...
Requirements and Limitations of Authentication at StoreFront using NetScaler Gateway
Introduction NetScaler and StoreFront interop has undergone several improvements in the last few releases to reduce integration mistakes by administrator. Initial efforts were targeted to allow administrators to import NetScaler Gateway configuration into StoreFront through the management console...
Users show as Anonymous in XenMobile Server
Users are listed as 'Anonymous' inXenMobile Server after moving their Active Directory Security Group to a new OU...