Web: https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html

June 21, 2022, 9:05 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to seize control of a domain.
"Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay [Domain Controller authentication to [Active Directory

attack attackers control domain new ntlm ntlm relay ntlm relay attack relay relay attack windows

Collection Network Penetration Test Engineer TS SCI/Poly Eligible

@ Sixgen Inc. | United States

Senior Infrastructure Security Engineer

@ Angi | Toronto, ON - Remote

Senior Security Operations Engineer

@ Axiom Zen | Remote

Endpoint Protections - Security Research Engineer II

@ Elastic | United States

Senior Cyber Security Engineer

@ Evaluate | London, England, United Kingdom

Device Security Lead

@ Worldcoin | Berlin ; Erlangen ; New York ; San Francisco