all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

We Patched CVE-2023-28244 Before Anyone - Including Us - Even Knew It Existed

Add to bookmarks
Nov. 16, 2023, 6 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

How Our Patch For CVE-2022-33647 Fixed CVE-2023-28244 Five Months In Advance

By Blaz Satler of 0patch Team


The Initial Vulnerability - CVE-2022-33647

In September 2022, Microsoft released patches for CVE-2022-33647, a Kerberos vulnerability that allows a MITM (Man-In-The-Middle) attacker to hijack a user's Kerberos ticket and achieve domain privilege escalation. James Forshaw of Google Project Zero was attributed with the discovery of this issue, and shortly after the issue was fixed also published a writeup on the official Project …

0patch attacker cve domain hijack kerberos man-in-the-middle microsoft mitm patch patches september ticket vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Update: file-magic.py Version 0.0.8 5 hours ago | malware.news
article didier didier stevens file +11
Ticketmaster confirms customer data breach 9 hours ago | malware.news
breach cloud cloud database customer +18
What the Biggest-Ever Botnet Takedown Means 1 day, 5 hours ago | malware.news
botnet distribution financial industrial +5
Okta Cross-origin Authentication Feature in Customer Identity Cloud Targeted in Credential Stuffing Attacks 1 day, 7 hours ago | malware.news
access attacks authentication cloud +22
OpenAI report reveals threat actors using ChatGPT in influence operations 1 day, 7 hours ago | malware.news
article campaigns chatgpt disruption +12
Fake Bahrain Government Android App Steals Personal Data Used for Financial Fraud 1 day, 8 hours ago | malware.news
android android app app bahrain +17
Nearly 6M WordPress sites may be affected by bugs in 3 plug-ins 1 day, 8 hours ago | malware.news
article attacks bugs fastly +11
Senator Calls for FTC, SEC Probe Into UnitedHealth’s ‘Negligence’ in Breach 1 day, 9 hours ago | malware.news
article attack board breach +17
Vulnerability impacting Check Point Network Security Gateways (CVE-2024-24919) 1 day, 9 hours ago | malware.news
article canadian canadian centre for cyber security check +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com