all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

We Patched CVE-2023-28244 Before Anyone - Including Us - Even Knew It Existed

Add to bookmarks
Nov. 16, 2023, 6 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

How Our Patch For CVE-2022-33647 Fixed CVE-2023-28244 Five Months In Advance

By Blaz Satler of 0patch Team


The Initial Vulnerability - CVE-2022-33647

In September 2022, Microsoft released patches for CVE-2022-33647, a Kerberos vulnerability that allows a MITM (Man-In-The-Middle) attacker to hijack a user's Kerberos ticket and achieve domain privilege escalation. James Forshaw of Google Project Zero was attributed with the discovery of this issue, and shortly after the issue was fixed also published a writeup on the official Project …

0patch attacker cve domain hijack kerberos man-in-the-middle microsoft mitm patch patches september ticket vulnerability

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

New Redline Version: Uses Lua Bytecode, Propagates Through GitHub 1 day, 3 hours ago | malware.news
bytecode code detect found +12
Cybersecurity firm Darktrace sold to Thoma Bravo for $5.3 billion 1 day, 15 hours ago | malware.news
acquisition article cybersecurity darktrace +5
Arctic Wolf Recognized as a Leader in Frost & Sullivan Managed Detection and Response Report 1 day, 16 hours ago | malware.news
amp and response april arctic +20
CVE-2024-29204, CVE-2024-24996: Critical Vulnerabilities in Ivanti Avalanche 1 day, 16 hours ago | malware.news
april avalanche components critical +19
Showcasing Artwork by Max for Autism Awareness Month 1 day, 17 hours ago | malware.news
art article artwork autism +6
TikTok, Flowmon, Cisco, Brokewell, RuggedCom, Deepfakes, Non-Competes, Aaran Leyland - SWN #381 1 day, 18 hours ago | malware.news
article cisco deepfakes flowmon +6
Kaiser Permanente notifies 13.4M patients of potential data exposure 1 day, 18 hours ago | malware.news
apps article data data exposure +16
Impact of organizational structure on ransomware outcomes: Where does your org fit in? 1 day, 18 hours ago | malware.news
article challenges core security detection +15
VA is warning veterans about Change Healthcare cyberattack, secretary says 1 day, 19 hours ago | malware.news
alerting article attack change +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Network Security Engineer

@ Meta | Menlo Park, CA | Remote, US
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Washington, DC
View on infosec-jobs.com

Threat Investigator- Security Analyst

@ Meta | Menlo Park, CA | Seattle, WA | Washington, DC
View on infosec-jobs.com

Security Operations Engineer II

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Bug Bounty -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com
View more jobs