Windows security update blocks PetitPotam NTLM relay attacks

10 August 2021

Microsoft has released security updates that block the PetitPotam NTLM relay attack that allows a threat actor to take over a Windows domain. In July, security researcher GILLES Lionel, aka Topotam, disclosed a new method called PetitPotam that forces a domain controller to authenticate against a threat actor’s server using the MS-EFSRPC API functions.

Read full article on Bleeping Computer

Date:

10 August 2021

Categorie(s):

NEWS

Tag(s):

IT, NTLM, OS, PetitPotam, Windows

Strategies for combating AI-enhanced BEC attacks21 May 2024
Phishing statistics that will make you think twice before clicking21 May 2024
Big Tech is not much help when fighting a junta, and FOSS doesn’t ride to the rescue21 May 2024
YouTube has become a significant channel for cybercrime21 May 2024
Fighting identity fraud? Here’s why we need better tech21 May 2024