The LDAPNightmare Proof-of-Concept (PoC) exploit, leveraging the critical vulnerability CVE-2024-49113, has brought to light serious weaknesses in Windows Server environments. This vulnerability targets the Local Security Authority Subsystem Service (LSASS),Read More →
In its latest security alert, Microsoft asked its customers to apply available updates to fix two privilege escalation vulnerabilities in Active Directory whose exploitation would allow threat actors to easilyRead More →
This week, Microsoft reported the detection of a sensitive information leak vulnerability that affects many Azure Active Directory (AD) deployments. The flaw was tracked as CVE-2021-42306 and received a scoreRead More →
One of the main variants of attack against Windows systems is the abuse of Active Directory using tools for credential theft such as Mimikatz. According to network security specialists, theRead More →
An information security expert explains that Grouper is an unstable PowerShell module designed for use by pentesters and redteamers that filters the XML output of the Get-GPOReport cmdlet and identifies all theRead More →
A group of information security professionals that does active directory audits recently noticed that they are repeating themselves over and over again. So, the experts decided to write as much of thisRead More →
