Security News > 2016 > November > Researchers identify domain-level service credential exploit (Help Net Security)
2016-11-17 13:00
CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard enabled. The exploit could allow cyber attackers to harvest encrypted service credentials from the registry and inject them into a new malicious service to achieve lateral movement and full domain compromise. Microsoft Credential Guard was introduced to mitigate the risk of lateral movement using compromised credentials, yet Credential Guard … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m-2ZdR4a2o0/
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- CISSP and CompTIA Security+ lead as most desired security credentials (source)
- WeChat devs introduced security flaws when they modded TLS, say researchers (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Hackers exploit Roundcube webmail flaw to steal email, credentials (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Germany drafts law to protect researchers who find security flaws (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)