Identity Protection Archives »

Security Advisory: MSRPC Printer Spooler Relay (CVE-2021-1678)

On Patch Tuesday, January 12, 2021, Microsoft released a patch for CVE-2021-1678, an important vulnerability discovered by CrowdStrike® researchers. This vulnerability allows…

Six Tips for Securing Privileged Accounts in the Enterprise

This blog was originally published on March 2, 2018. Protecting privileged accounts and actively responding to any potential compromises has become a…

Your Session Key Is My Session Key: How to Retrieve the Session Key for Any Authentication

This blog was originally published on June 11, 2019. As announced in our recent security advisory, Preempt (now CrowdStrike) researchers discovered a…

How to Easily Bypass EPA to Compromise Any Web Server that Supports Windows Integrated Authentication

January 12, 2021
Yaron Zinar
Identity Protection

This blog was originally published on June 11, 2019. Researchers from Preempt (now CrowdStrike), have discovered how to bypass the Enhanced Protection…

Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

December 21, 2020
Yaron Zinar
Identity Protection

This blog was originally published on June 11, 2019. On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two…

Critical Vulnerability in CredSSP Allows Remote Code Execution on Servers Through MS-RDP

December 21, 2020
Yaron Zinar
Identity Protection

This blog was originally published on March 13, 2018. On March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a vulnerability discovered…

Zerologon (CVE-2020-1472): An Unauthenticated Privilege Escalation To Full Domain Privileges

December 16, 2020
Yaron Zinar
Identity Protection

This blog was originally published on July 14, 2020. On July 14, 2020 Patch Tuesday, Microsoft released a patch for CVE-2020-1267, an…

Identity Protection

Security Advisory: MSRPC Printer Spooler Relay (CVE-2021-1678)

Six Tips for Securing Privileged Accounts in the Enterprise

Your Session Key Is My Session Key: How to Retrieve the Session Key for Any Authentication

How to Easily Bypass EPA to Compromise Any Web Server that Supports Windows Integrated Authentication

Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

Critical Vulnerability in CredSSP Allows Remote Code Execution on Servers Through MS-RDP

Zerologon (CVE-2020-1472): An Unauthenticated Privilege Escalation to Full Domain Privileges

Red Flag Alert: Service Accounts Performing Interactive Logins

Active Directory Open to More NTLM Attacks: Drop The MIC 2 (CVE 2019-1166) and Exploiting LMv2 Clients (CVE-2019-1338)

Integer Overflow in Active Directory (CVE-2020-1267)