Security
Headlines
HeadlinesLatestCVEs

Tag

#PetitPotam

Lateral Movement – WebClient

Coercing elevated accounts such as machine accounts to authenticate to a host under the control of an attacker can provide an opportunity for privilege escalation… Continue reading → Lateral Movement – WebClient

Pentestlab
#Lateral Movement#PetitPotam#RBCD#Red Team#Resource Based Constrained Delegation#WebDAV#web#mac
PetitPotam – NTLM Relay to AD CS

Deployment of an Active Directory Certificate Services (AD CS) on a corporate environment could allow system administrators to utilize it for establishing trust between different… Continue reading → PetitPotam – NTLM Relay to AD CS

Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail

Hello everyone! Yet another news episode. Microsoft’s August Patch Tuesday Let’s start with Microsoft’s August Patch Tuesday. I think the most interesting thing is that it contains a fix for the PetitPotam vulnerability. I talked about this vulnerability two weeks ago. At the time, Microsoft had no plans to release a patch because PetitPotam was […]

Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs

Hello everyone! Last Week’s Security News, July 26 – August 1. Serious Sam in Metasploit Last week I talked about the Serious Sam vulnerability (CVE-2021-36934), also known as HiveNightmare. The name HiveNightmare comes from the fact that Windows stores its registry data in a small number of proprietary database files called hives. Due to mismanagement […]