PetitPotam

Pierluigi Paganini August 21, 2021
New LockFile ransomware gang uses ProxyShell and PetitPotam exploits

A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang named LockFile targets Microsoft Exchange servers using the recently disclosed ProxyShell vulnerabilities. The popular security expert Kevin Beaumont was one of the first researchers to report that the LockFile operators are using the Microsoft Exchange ProxyShell and the Windows […]

Pierluigi Paganini July 26, 2021
Microsoft publishes mitigations for the PetitPotam attack

Microsoft published mitigations for the recently discovered PetitPotam attack that allows attackers to force remote Windows machines to share their password hashes. Microsoft has released mitigations for the recently discovered PetitPotam NTLM attack that could allow attackers to take over a domain controller. A few days ago, security researcher Gilles Lionel (aka Topotam) has discovered a vulnerability in […]