📬 Cyber-Versicherung muss trotz fehlender Updates IT-Schäden bezahlen
#Cyberangriffe #Rechtssachen #4O193 21 #CyberVersicherung #DesignSchwachstelle #JensFerner #MonitoringSystem #PasstheHash #WindowsServer2019 https://tarnkappe.info/artikel/rechtssachen/cyber-versicherung-muss-trotz-fehlender-updates-it-schaeden-bezahlen-278408.html

[#PatchNow] Microsoft has released a patch for a critical elevation of privilege #zeroday #vulnerability that has purportedly been used by threat actors linked to Russian Military Intelligence to compromise multiple European organizations over the past year.

According to Microsoft, "The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation BEFORE the email is viewed in the Preview Pane."

(External attackers could send specially crafted emails that will cause a connection from the victim to an external UNC location of attackers' control. This will leak the Net-NTLMv2 hash of the victim to the attacker who can then relay this to another service and authenticate as the victim.)

All supported versions of Microsoft #Outlook for Windows are vulnerable. Online versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services are not affected.

There is a script to help determine if your organization was targeted by actors attempting to use this vulnerability.

Bottom line: Test and patch this ASAP if your org uses Outlook.

Links to more info: https://exchange.xforce.ibmcloud.com/vulnerabilities/249053

https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2023-23397

#NTLMRelay #PassTheHash

"AWS announces Credential Guard support for Windows instances on Amazon EC2"

Protect those #LSASS secrets!

An OS like #Windows has a hard time doing it without #virtualization based security, provided by a #hypervisor like the one found in the #NitroSystem.

#AWS #Security #ActiveDirectory #PassTheHash #PtH

https://aws.amazon.com/about-aws/whats-new/2023/01/aws-credential-guard-windows-instances-amazon-ec2/

I have a client that is a royal pain to get any proper maintenance for security or upgrades for security scheduled, but thinks they are secure cuz they have, MFA, Sophos and users pass phishing tests.

I took one look at their AD and network and laughed at how pwnable it was.

Today I got back the results from the internal #GreyBox #Pentest and low and behold... #Kerberoasting #passthehash and a bunch of other shit I've been trying to get permission to fix.
I guess I'll get that scheduled now 🤣🤣🤣