FunnyDream APT Campaign – Zoom in on Silverfort Protection Against Lateral Movement
***By Keshet, Director of Product Marketing, Silverfort*** A new APT campaign, dubbed ‘FunnyDream’, has been discovered by security researchers. The campaign primarily targeted South East Asian governments. Attack findings have been reported since October 2018. The investigation of the APT group’s espionage activity shows evidence of lateral movement. It seems that compromised credentials were […]
ZeroLogon – Patching is Not Enough
Guidelines and Tools for Protecting Your Environment from CVE-2020-1472. By Yaron Kassner, CTO and Co Founder, Silverfort. Secura recently published a whitepaper about one of the worst vulnerabilities that I’ve seen in a while. It’s called ZeroLogon, a.k.a. CVE-2020-1472. The DHS also published an emergency directive to patch affected Windows Servers. And they’re not exaggerating […]
The Hidden Dangers of Shadow Admins
Shadow Admin accounts are user accounts that have sensitive privileges – not because they are members of a privileged admin Active Directory (AD) group, but because they were inadvertently assigned permissions that can allow them to take over other privileged accounts and leverage them to reach their target systems to compromise them. If a Shadow […]
Reducing the Password Footprint in a Windows Environment
***By Yaron Kassner, CTO and Co Founder, Silverfort*** The word password-less gets thrown around a lot lately, and while everybody is talking about it, I haven’t met any enterprises that actually managed to eliminate passwords. Eliminating passwords is a big challenge, and I believe big challenges should be solved in small steps. So in this […]
Blocking Office365 Attacks (CVE-2017-11774) with MFA
US Cyber Command has recently published a security alert on Twitter regarding abuse of an Outlook vulnerability: https://twitter.com/CNMF_VirusAlert/status/1146130046127681536. This vulnerability was originally found and reported by SensePost back in 2017 – see here: https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/. A patch has been available since then, but the vulnerability is still being actively abused. How does it Work? It is an […]
How Silverfort Overcomes the New Lock Screen Bypass Vulnerability (CVE-2019-9510)
Last week, CERT released an advisory about a Windows vulnerability (CVE-2019-9510) that allows effectively bypassing Multi-Factor Authentication (MFA) to Windows servers. Microsoft was quick to dismiss the vulnerability. But however you look at it, with most MFA solutions, locked remote desktops can be unlocked due to this vulnerability without using MFA, even if MFA is […]