Wormable MountLocker
XingLocker a Ransomware group, is actively using a customized MountLocker ransomware executable. This latest MountLocker operation uses Windows Active Directory APIs to propagate as a worm through networks. Actuallist A…
Posted inMITRE
Purple Knight AD Assessment Tool
Microsoft Active Directory (AD) is used by 90 percent of enterprises as the primary source of trust for identity and access, but it’s also exploited in many cyberattacks. Since AD…
Zerologon Enforcement Mode
The Netlogon distant code execution vulnerability, disclosed final August, has been weaponized by APT teams.Microsoft has launched part two mitigation for the important Zerologon vulnerability disclosed in August 2020. CVE-2020-1472…
Posted inAzure Security cloudsecurity
Azure Outage Post Mortem Report
It's been a tough week for Microsoft, outage after outage hits it's clous services results in global outage. Start of this week , number of Microsoft customers worldwide were impacted…
CVE 2020-1472 – Exploit goes wild
The CVE-2020-1472 flaw is an elevation of privilege that resides in the Netlogon. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon…
Active Directory ! Heart of business. Proper DR plan
Active directory as the name suggest, if business need to be active then active directory should be actively protected with proper care. Business vitality depends on AD. each and every…