Relaying NTLM Authentication from SCCM Clients | allinfosecnews.com

June 30, 2022, 2:03 p.m. | Chris Thompson

Security Boulevard securityboulevard.com

tl;dr: Seriously, please disable NTLM

I recently learned that you can coerce NTLM authentication from SCCM servers using any Windows SCCM client when automatic site-wide client push installation is enabled and NTLM has not been explicitly disabled. During my research, I found out that if you have certain privileges in SCCM, you can also elicit NTLM authentication from the logged-in user or machine account of any Windows client that is online.

Tools such as SharpSCCM can be used to demonstrate …

application security authentication clients ntlm penetration testing pentest pentesting red team sccm social engineering

More from securityboulevard.com / Security Boulevard

From DAST to dawn: why fuzzing is better solution | Code Intelligence 35 minutes ago | securityboulevard.com

api security application applications application security +27

Scaling Application Security With Application Security Posture Management (ASPM) 3 hours ago | securityboulevard.com

application application security application security posture management aspm +13

Crunching Some Numbers on PHP Support 7 hours ago | securityboulevard.com

application breaking can continue +16

Google Chrome DBSC Protection Tested Against Cookie Attacks 8 hours ago | securityboulevard.com

attacks authentication browser browser security +31

What is SOC 2 Compliance Audit? 9 hours ago | securityboulevard.com

audit audits businesses client +27

The Dark Side of EDR: Repurpose EDR as an Offensive Tool 10 hours ago | securityboulevard.com

capabilities code dark edr +13

NTA Email Alert Configuration 13 hours ago | securityboulevard.com

addresses alert basic configuration +8

The Ultimate Guide to SBIR and STTR Program Budgeting 14 hours ago | securityboulevard.com

budgeting budgets can corporations +14

Vulnerabilities for AI and ML Applications are Skyrocketing 18 hours ago | securityboulevard.com

ai ai and ml in security ai development applications +34

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands

View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC

View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC

View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India

View on infosec-jobs.com