Lucene search
K

14 matches found

Microsoft Secure
Microsoft Secure
added 2025/04/09 5:0 p.m.25 views

Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI

Exchange Server and SharePoint Server are business-critical assets and considered crown jewels for many organizations, making them attractive targets for attacks. To help customers protect their environments and respond to these attacks, Exchange Server and SharePoint Server now integrate with th...

9.8CVSS10AI score0.99999EPSS
Exploits115
GithubExploit
GithubExploit
added 2025/04/07 2:33 a.m.119 views

Exploit for Improper Input Validation in Microsoft

CVE-2023-23397 Exploitation & Mitigation Demo 📌 Overview...

9.8CVSS10AI score0.97408EPSS
Exploits18
MSRC
MSRC
added 2024/12/09 8:0 a.m.17 views

Mitigating NTLM Relay Attacks by Default

Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication EPA by default for new and existing installs of Exchange 2019. While we’re currently unaware of any activ...

9.8CVSS7.4AI score0.12661EPSS
Exploits0
Circl
Circl
added 2024/02/13 8:37 p.m.15 views

CVE-2024-21410

creationtimestamp| type| source ---|---|--- 2024-02-13 20:37:02+00:00| seen| https://t.me/ctinow/184168 2024-02-14 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1227 2024-02-14 16:13:10+00:00| seen| https://t.me/itsecnews/4112 2024-02-15 06:21:50+00:00| exploited|...

9.8CVSS7.4AI score0.12661EPSS
Exploits0References33
The Hacker News
The Hacker News
added 2024/02/02 2:49 p.m.94 views

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Russian state-sponsored actors have staged NT LAN Manager NTLM v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an "aggressive" hacking crew called APT28, have set their eyes on organizations dealing...

9.8CVSS8.5AI score0.97798EPSS
Exploits67
The Hacker News
The Hacker News
added 2022/05/11 5:29 a.m.194 views

Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as...

10CVSS1.2AI score0.91316EPSS
Exploits18
The Hacker News
The Hacker News
added 2021/08/11 5:31 a.m.1014 views

Microsoft Releases Windows Updates to Patch Actively Exploited Vulnerability

Microsoft on Tuesday rolled out security updates to address a total of 44 security issues affecting its software products and services, one of which it says is an actively exploited zero-day in the wild. The update, which is the smallest release since December 2019, squashes seven Critical and 37...

9.9CVSS0.66023EPSS
Exploits5
ThreatPost
ThreatPost
added 2021/07/26 7:33 p.m.83 views

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager NTLM...

7.6AI score
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2021/07/23 7:0 a.m.245 views

Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS)

Summary Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Windows servers. PetitPotam is a classic NTLM Relay Attack, and such attacks have been previously documented by Microsoft along with numerous mitigation options to protect...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/02 12:0 a.m.26 views

F5 Networks BIG-IP : BIG-IP APM Edge Client vulnerability (K97733133)

When a user connects to a VPN using BIG-IP Edge Client over an unsecure network, BIG-IP Edge Client responds to authentication requests over HTTP while sending probes for captive portal detection. CVE-2020-5893 Impact An attacker can use a man-in-the-middle MITM attack by deploying a...

4.3CVSS5.2AI score0.00561EPSS
Exploits0References2
0day.today
0day.today
added 2020/05/16 12:0 a.m.81 views

Microsoft Windows Task Scheduler Security Feature Bypass Vulnerability

Compass Security identified a security feature bypass vulnerability in Microsoft Windows. Due to the absence of integrity verification requirements for the RPC protocol and in particular the Task Scheduler, a man-in-the-middle attacker can relay his victim's NTLM authentication to a target of his...

9.3CVSS7.9AI score0.07277EPSS
Exploits2
Packet Storm
Packet Storm
added 2020/05/15 12:0 a.m.212 views

Microsoft Windows Task Scheduler Security Feature Bypass

COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: Windows Task Scheduler Vendor: Microsoft CSNC ID: CSNC-2010-001 CVE ID: CVE-2020-1113 Subject: Security Feature Bypass Risk: High Effect: Remotely exploitable Authors: Sylvain Heiniger Date: 14.05.2020...

8.7AI score0.07277EPSS
Exploits2
CISA
CISA
added 2019/01/28 12:0 a.m.10 views

CERT/CC Reports Microsoft Exchange 2013 and Newer are Vulnerable to NTLM Relay Attacks

The CERT Coordination Center CERT/CC has released information to address NTLM relay attacks affecting Microsoft Exchange 2013 and newer versions. A remote attacker could exploit this vulnerability to take control of an affected system. The National Cybersecurity and Communications Integration...

6.6AI score
Exploits0References1
ICS
ICS
added 2018/03/28 12:0 a.m.58 views

ICSA-18-093-01 Siemens Building Technologies Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Siemens Equipment : Building Technologies Products Vulnerabilities : Stack-based Buffer Overflows, Security Features, Improper Restriction of Operations within the Bounds of a Memory Buffer, NUL...

9.9CVSS10AI score0.04758EPSS
Exploits0References9
Rows per page
Query Builder