all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Relaying to AD Certificate Services over RPC

Add to bookmarks
Nov. 16, 2022, 10:45 a.m. | Sylvain Heiniger

Compass Security Blog blog.compass-security.com

In June last year, the good folks at SpecterOps dropped awesome research on Active Directory Certificate Services (AD CS) misconfigurations. Since then, we find and report these critical vulnerabilities at our customers regularly. One of these new attack path is relaying NTLM authentication to unprotected HTTP endpoints. This allows an attacker to get a valid […]

active directory adcs certificate certificate services microsoft ntlm relay relaying research rpc services windows

Visit resource

More from blog.compass-security.com / Compass Security Blog

Behind The Scenes Of Ransomware Attacks 1 week, 4 days ago | blog.compass-security.com
apt attacks big blog +10
Pwn2Own Toronto 2023: Part 5 – The Exploit 3 weeks, 1 day ago | blog.compass-security.com
buffer buffer overflow buffer overflow vulnerability camera +20
Pwn2Own Toronto 2023: Part 4 – Memory Corruption Analysis 3 weeks, 2 days ago | blog.compass-security.com
analysis corruption internet of things manage +9
Pwn2Own Toronto 2023: Part 3 – Exploration 3 weeks, 3 days ago | blog.compass-security.com
authentication can code code execution +19
Pwn2Own Toronto 2023: Part 2 – Exploring the Attack Surface 3 weeks, 4 days ago | blog.compass-security.com
aim attack attack surface blog +16
Pwn2Own Toronto 2023: Part 1 – How it all started 3 weeks, 5 days ago | blog.compass-security.com
analysts blog blog post camera +13
Manipulating LLMs – How to confuse ChatGPT 1 month, 1 week ago | blog.compass-security.com
ai algorithm chatgpt data +13
Luring the Threat: Lessons from ICS Honeypots in Ukraine and Germany 1 month, 3 weeks ago | blog.compass-security.com
apt attacks components control +29
Microsoft BitLocker Bypasses are Practical 2 months, 1 week ago | blog.compass-security.com
article attack bitlocker blog +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Officer Level 1 (L1)

@ NTT DATA | Virginia, United States of America
View on infosec-jobs.com

Alternance - Analyste VOC - Cybersécurité - Île-De-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote US or Remote CAN
View on infosec-jobs.com

Cyber Security Engineer Lead

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com
View more jobs