Security News > 2016 > November > Researchers identify domain-level service credential exploit (Help Net Security)
2016-11-17 13:00
CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard enabled. The exploit could allow cyber attackers to harvest encrypted service credentials from the registry and inject them into a new malicious service to achieve lateral movement and full domain compromise. Microsoft Credential Guard was introduced to mitigate the risk of lateral movement using compromised credentials, yet Credential Guard … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m-2ZdR4a2o0/
Related news
- New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers (source)
- New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials (source)
- Tired of airport security queues? SQL inject yourself into the cockpit, claim researchers (source)
- Researchers find SQL injection to bypass airport TSA security checks (source)
- Security Researcher Sued for Disproving Government Statements (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms (source)