257 matches found
March 14, 2023—KB5023713 (OS Build 10240.19805) - EXPIRED
None None...
February 14, 2023—KB5022838 (OS Build 14393.5717) - EXPIRED
None None...
DragonCastle - A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process
A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. Description Upload a DLL to the target machine. Then it enables remote registry to modify AutodialDLL entry and start/restart BITS service. Svchosts would load our DLL, set again AutodiaDL...
Iranian Hackers Compromised a U.S. Federal Agency's Network Using Log4Shell Exploit
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency CISA, come in...
Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Microsoft Windows Local Security Authority Subsystem Service is an internal program of Microsoft Corporation USA that runs Windows system security policies. It verifies user identity, manages user password changes, and generates access characters when a user logs on to a computer standalone or...
CVE-2022-37977
Local Security Authority Subsystem Service LSASS Denial of Service Vulnerability...
Denial of service
Local Security Authority Subsystem Service LSASS Denial of Service Vulnerability...
August 9, 2022—KB5016627 (OS Build 20348.887)
None None...
August 9, 2022—KB5016622 (OS Build 14393.5291) - EXPIRED
None None...
August 9, 2022—KB5016686 (Security-only update)
None None...
August 9, 2022—KB5016683 (Security-only update)
None None...
August 9, 2022—KB5016681 (Monthly Rollup)
None None...
CVE-2022-37977 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
...
CVE-2022-37977
CVE-2022-37977 is a Local Security Authority Subsystem Service (LSASS) Denial of Service vulnerability in Windows. CNVD’s description attributes the issue to a failure in properly handling incoming error messages, which could allow an attacker to trigger an application DoS. Multiple national advi...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
September 20, 2022—KB5017379 (OS Build 17763.3469) Preview
None None...
May 10, 2022—KB5013952 (OS Build 14393.5125) - EXPIRED
None None...