Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

Silverfort Protection Against CVE-2023-23397 Outlook Zero Day

In the latest Patch Tuesday, Microsoft released a patch for  CVE-2023-23397 Zero Day in Outlook, that was reported to be exploited in the wild. Exploitation of this vulnerability enables an adversary to grab NTLM hashes (equivalent to user credentials) from the targeted machine and use for malicious access to other ... Read More
Bounce the Ticket and Silver Iodide Attacks on Azure AD Kerberos 

Bounce the Ticket and Silver Iodide Attacks on Azure AD Kerberos 

| | Blog
Silverfort research finds threat actors could attack new Microsoft cloud authentication protocol to steal or forge cloud tickets and carry out lateral movement   Summary  Silver Ticket and Pass The Ticket (PTT) are infamous legacy on-prem Kerberos attacks used to perform Lateral Movement in Active Directory. Marking another step towards the ... Read More
Technical Analysis of CVE-2022-33679 and CVE-2022-33647 Kerberos Vulnerabilities

Technical Analysis of CVE-2022-33679 and CVE-2022-33647 Kerberos Vulnerabilities

| | Blog
Written by Yoav Iellin and Dor Segal, Researchers at Silverfort Microsoft’s September 2022 Patch Tuesday included two high-risk elevation of privilege vulnerabilities in Kerberos, that were discovered by Google Project Zero. The two vulnerabilities take advantage of the ability to force Kerberos do downgrade its encoding from the default AES ... Read More
ntlmv1 logs table

Silverfort Enables Organizations to Resolve the Risks of NTLMv1

| | Blog
Although a key part of cyber resilience is adapting to changes in technology, addressing attack surfaces that have remained constant is equally critical. This is because most enterprises have maintained a significant amount of legacy infrastructure in addition to newer cloud workloads and SaaS applications. Sometimes this is due to ... Read More
powershell script

Silverfort Proactively Detects & Protects Against Certifried Attacks

| | Blog
In early May 2022, the Certifried (CVE-2022-26923) vulnerability was published. This vulnerability abuses Kerberos certificate extension and its Active Directory elements. It’s a privilege escalation vulnerability in which a weak user gains domain admin privileges in an Active Directory environment. How does it work? The Certifried vulnerability allows an attacker to elevate ... Read More