PetitPotam Archives - Cyber Security Minute

NTLM relay attacks explained, and why PetitPotam is the most dangerous

Issued by: CSO

Microsoft Active Directory (AD), which handles identity management, reportedly holds 90% to 95% market share among fortune 500 companies. Given such broad adoption, it is no surprise that it is so heavily targeted by malicious actors and researchers alike. Among the most cited types of attacks against AD are legacy protocols. One such protocol that…

Vulnerabilities

Patch now! Microsoft Exchange is being attacked via ProxyShell

Issued by: Blog Malwarebytes

Last Saturday the Cybersecurity and Infrastructure Security Agency issued an urgent warning that threat actors are actively exploiting three Microsoft Exchange vulnerabilities—CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. These vulnerabilities can be chained together to remotely execute arbitrary code on a vulnerable machine. This set of Exchange vulnerabilities is often grouped under the name ProxyShell. Fixes were available…