Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!
source link: https://www.varonis.com/blog/threat-update-53-proxyshell-and-petitpotam-and-ransomware-oh-my/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!
Inside Out Security Blog » Cybersecurity News » Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!
Technology grows, evolves, and changes over time, but most organizations often need to support legacy systems. In the Microsoft world, this typically means keeping legacy authentication protocols like NTLM authentication around despite their known shortcomings. The new PetitPotam attack exploits some of these legacy protocols to take over Windows domains.
Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss the background of the PetitPotam attack, how attackers and ransomware operators are weaponizing it, and tips to help defend against it.
Articles referenced in this episode:
New PetitPotam attack allows take over of Windows domains
LockFile ransomware uses PetitPotam attack to hijack Windows domains
https://github.com/topotam/PetitPotam
👉To learn how else we can help, please visit us at: https://www.varonis.com/help/
Kilian Englert
Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cyber security and technology best practices.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK