all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

noPac Exploit: Latest Microsoft AD Flaw May Lead to Total Domain Compromise in Seconds

Add to bookmarks
Jan. 11, 2022, 6:16 a.m. | Alex Talyanski

Cybersecurity Blog | CrowdStrike provinggrounds.cs.sys

What Happened? Microsoft recently published two critical CVEs related to Active Directory (CVE-2021-42278 and CVE-2021-42287), which when combined by a malicious actor could lead to privilege escalation with a direct path to a compromised domain.  In mid-December 2021, a public exploit that combined these two Microsoft Active Directory design flaws (referred also as “noPac”) was […]

ad compromise domain exploit featured flaw identity protection may microsoft

Visit resource

More from provinggrounds.cs.sys / Cybersecurity Blog | CrowdStrike

5 Best Practices to Secure AWS Resources 2 days, 19 hours ago | provinggrounds.cs.sys
amazon amazon web services aws best practices +24
Porter Airlines Consolidates Its Cloud, Identity and Endpoint Security with CrowdStrike 6 days, 16 hours ago | provinggrounds.cs.sys
agent airline airlines architecture +24
Secure Your Staff: How to Protect High-Profile Employees’ Sensitive Data on the Web 6 days, 17 hours ago | provinggrounds.cs.sys
accounts adversary can counter +28
Deploying the Droids: Optimizing Charlotte AI’s Performance with a Multi-AI Architecture 1 week ago | provinggrounds.cs.sys
architecture charlotte ai cybersecurity don +5
CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments 1 week, 2 days ago | provinggrounds.cs.sys
access advanced companies credentials +27
CVE-2024-3400: What You Need to Know About the Critical PAN-OS Zero-Day 1 week, 5 days ago | provinggrounds.cs.sys
april block critical cve +15
CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs Evaluations 1 week, 5 days ago | provinggrounds.cs.sys
adversary and response award crowdstrike +21
CrowdStrike Extends Identity Security Capabilities to Stop Attacks in the Cloud 2 weeks ago | provinggrounds.cs.sys
active directory attackers attacks breaches +24
April 2024 Patch Tuesday: Three Critical RCE Vulnerabilities in Microsoft Defender for IoT 2 weeks, 1 day ago | provinggrounds.cs.sys
april code code execution critical +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Systems Administration

@ Peraton | Washington, DC, United States
View on infosec-jobs.com

Android Security Engineer, Public Sector

@ Google | Reston, VA, USA
View on infosec-jobs.com

Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid

@ Black & Veatch | Denver, CO, US
View on infosec-jobs.com

Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)

@ Novo Nordisk | Montes Claros, Minas Gerais, BR
View on infosec-jobs.com

Principal Engineer, Product Security Engineering

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs