Security News > 2016 > November > Researchers identify domain-level service credential exploit (Help Net Security)
2016-11-17 13:00
CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard enabled. The exploit could allow cyber attackers to harvest encrypted service credentials from the registry and inject them into a new malicious service to achieve lateral movement and full domain compromise. Microsoft Credential Guard was introduced to mitigate the risk of lateral movement using compromised credentials, yet Credential Guard … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m-2ZdR4a2o0/
Related news
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- Google paid $12 million in bug bounties last year to security researchers (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)
- Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials (source)