26 matches found
EUVD-2002-2007
Malware in sbrugna...
CVE-2002-2028
The screensaver on Windows NT 4.0, 2000, XP, and 2002 does not verify if a domain account has already been locked when a valid password is provided, which makes it easier for users with physical access to conduct brute force password guessing...
The vulnerability of the systemSettings table in the APEX education automation system’s database allows a perpetrator to gain access to the password of the domain account.
The vulnerability of the systemSettings table in the APEX education automation system’s database is related to the storage of passwords in an exposed form. Exploiting this vulnerability could allow a malicious actor to remotely access user credentials and obtain the password for the domain accoun...
APT 10, a state-sponsored Chinese threat group, conducting a global cyber espionage operation
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A Chinese state-sponsored advanced persistent threat APT 10 group has been attacking government, legal, religious entities and non-governmental organizations NGOs around the world in what appears to be an espionage campaign th...
ZOHO ManageEngine ADSelfService Plus安全漏洞
Zoho ManageEngine ADSelfService Plus is a web-based self-service application that enables end-users to perform tasks such as password reset, account unlocking, profile information update, etc. without relying on the help desk. A domain user account takeover vulnerability exists in Zoho ManageEngi...
Ryuk Ransomware: Now with Worming Self-Propagation
A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have found. The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems ANSSI. The agency...
Rbcd-Attack - Kerberos Resource-Based Constrained Delegation Attack From Outside Using Impacket
Abusing Kerberos Resource-Based Constrained Delegation TL;DR This repo is about a practical attack against Kerberos Resource-Based Constrained Delegation in a Windows Active Directory Domain. The difference from other common implementations is that we are launching the attack from outside of the...
CVE-2019-14510
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx e.g., FSAdmin123456789 on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed...
Default configuration
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx e.g., FSAdmin123456789 on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed...
CVE-2019-14510
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx e.g., FSAdmin123456789 on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed...
Master VM Gets Error "The Trust Relatioship Between This Workstation and The Primary Domain Failed" When Trying to Logon to it Using a Domain Account
When trying to log on to master VM using a domain account right after capturing a vDisk from it, an admin user gets error "The trust relationship between this workstation and the primary domain failed." Resetting or deleting and recreating machine account from PVS console does not resolve issue...
Analysis of Kerberos constrained delegation SPN security vulnerabilities-vulnerability warning-the black bar safety net
In the past few years, more and more security researchers began to study Kerberos security, eventually found in support of the authentication Protocol of the network environment a lot of interesting attacks. In this post, I will describe my in the Windows Kerberos constrained delegation feature...
Automato - Automating the user-focused enumeration tasks during an internal penetration test
automato should help with automating some of the user-focused enumeration tasks during an internal penetration test. automato is also capable of conducting limited brute force attacks such as: Testing to see if a list of users with a common password exists in the target domain Identifying if a...
CVE-2016-3368
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a crafted request, ak...
Remote code execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a crafted request, ak...
CVE-2016-3237
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM...
Palo Alto Networks User-ID Agent < 7.0.4 TLS-Secured API Invocation Credential Disclosure (PAN-SA-2016-0007)
The version of Palo Alto Networks User-ID agent installed on the remote Windows host is prior to 7.0.4. It is, therefore, affected by a flaw that allows a TLS-secured API call to return encrypted credentials to the domain account configured on the User-ID agent, which has read-only rights for...
User-ID API Access
The Palo Alto Networks User-ID agent for Windows implements an API to retrieve the agent’s configuration. This TLS-secured API call returns encrypted credentials to the domain account configured on the User-ID agent, which has read-only rights for Security Event Logs on Domain Controllers. Anyone...
漫游用友集团各大系统
简要描述: 漫游用友集团各大系统 详细说明: 在一个月黑风高的夜晚,用友某员工的集团办公平台账号,悄悄地泄露了。 // Send message Transport transport=session.getTransport; transport.connect"192.168.210.160" , 25, "ch2","1r"; transport.sendMessagemessage,new Addressnew InternetAddress"[email protected]" ; transport.close;...
“Invalid Credentials” Error Adding a Hyper-V Host Using a Local Account
Article Applicability This article relates to an error that only occurs when Veeam Backup & Replication is deployed on a Windows machine. With the Veeam Software Appliance, to add a Hyper-V host using credentials, it requires that both the appliance and the Windows machine are added to the same...