Domain Controller

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks

Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / / / , , , , , , , , ,

Microsoft has issued guidance on mitigating PetitPotam NTLM relay attacks against Windows domain controllers or other Windows servers.

Microsoft issues guidance on mitigating PetitPotam NTLM relay attacks Read More »

Microsoft launches Phase 2 fix for Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)

Security Updates & Patches, Vulnerabilities & Exploits / / / , , , ,

Microsoft has announced the launch of Phase 2 permanent fix for a Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472) that was patched last August.

Microsoft launches Phase 2 fix for Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472) Read More »

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon

Security Updates & Patches, Vulnerabilities & Exploits / / / , , , , ,

The Cybersecurity and Infrastructure Security Agency (CISA) issued a new security advisory warning of publicly available exploit code for a Microsoft Netlogon vulnerability CVE-2020-1472. Researchers have dubbed the vulnerability ‘Zerologon’ that could allow attackers to hijack Windows domain controllers.

Exploit code available for ‘Zerologon’ vulnerability (CVE-2020-1472) that affects Microsoft Netlogon Read More »

TrickBot trojan updates propagation module with nworm to evade detection

Malware / / / , , , , , , ,

TrickBot recently replaced one of its propagation modules “mworm” with new module named “nworm.” The updated module can exploit vulnerable domain controllers (DCs) and evade detection by running in memory.

TrickBot trojan updates propagation module with nworm to evade detection Read More »