6 matches found
Are Forgotten AD Service Accounts Leaving You at Risk?
For many organizations, Active Directory AD service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts created for legacy applications, scheduled tasks, automation scripts, or...
CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...
CVE-2024-22245 Arbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in EAP could allow a malicious actor that could trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary...
Infra Used in Cisco Hack Also Targeted Workforce Management Solution
The attack infrastructure used to target Cisco in the May 2022 incident was also employed against an attempted compromise of an unnamed workforce management solutions holding company a month earlier in April 2022. Cybersecurity firm eSentire, which disclosed the findings, raised the possibility...
The vulnerability of the Windows operating system, which allows a hacker to inject arbitrary web or HTML code
The vulnerability of the Active Directory service for Windows operating systems exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code by manipulating the wct parameter...
MS15-096: Vulnerability in Active Directory Service Could Allow Denial of Service (3072595)
The remote Windows host is affected by a denial of service vulnerability in Active Directory that is triggered during the handling of a saturation of account creations. An authenticated, remote attacker, with privileges to join machines to a domain, can exploit this vulnerability by creating...