Contact Us

Newsletter Sign-Up

2 min read

The ZeroLogon Exploit (CVE-2020-1472)

By Carl Keyser on Sep 22, 2020 8:00:00 AM

If you haven't installed Microsoft's August patch updates for your Active Directory domain controllers, you might want to reconsider. A brand new exploit (officially called CVE-2020-1472 by Microsoft and Zerologon by Tom Tervoort, the researcher who discovered it) allows an attacker to compromise an unpatched Active Directory domain controller via just a TCP connection without the need for any domain credentials.

Topics: Exploit Security Exploit Domain Controllers Active Directory
1 min read

MacOS Exploit Targets Saved Keychain Passwords

By Carl Keyser on Mar 5, 2019 10:00:00 AM

A recently discovered MacOS exploit allows someone to steal usernames and passwords directly from the Keychain app with out requiring an Administrator account.

Topics: apple KeyStealer MacOS Exploit