Marina Simakov
Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Adversaries often exploit legacy protocols like Windows NTLM that unfortunately remain widely deployed despite known vulnerabilities. Previous CrowdStrike blog posts have covered critical vulnerabilit[…]
Your Session Key Is My Session Key: How to Retrieve the Session Key for Any Authentication
This blog was originally published on June 11, 2019. As announced in our recent security advisory, Preempt (now CrowdStrike) researchers discovered a critical vulnerability that allows attackers to re[…]
From the Archives: Drop the MIC — CVE-2019-1040
This blog was originally published on June 11, 2019. As announced in our recent security advisory on CVE-2019-1040, Preempt (now CrowdStrike) researchers discovered how to bypass the MIC (Message Inte[…]