Eric Woodruff

Semperis

LDAPNightmare, recently published by SafeBreach Labs, is a proof-of-concept exploit of a known Windows Lightweight Directory Access Protocol (LDAP) denial-of-service vulnerability (CVE-2024-49113). What is LDAPNightmare, how dangerous is this exploit, and how can you detect and defend against it? What is LDAPNightmare? The December 2024 Windows update – published by ... Read More

This article details a series of Semperis security research team discoveries that resulted in the ability to perform actions in Entra ID beyond expected authorization controls, based on analysis of... The post UnOAuthorized: Privilege Elevation Through Microsoft Applications appeared first on Semperis ... Read More