From Anonymous to Domain Admin: ESC8 Vulnerability in the Wild

Tl;dr SOPHTIX Security Team escalated to Domain Administrator in a “black box” internal penetration test using an ESC8 vulnerability in Active Directory Certificate Services (ADCS). Enumeration: One of the most common steps in obtaining a foothold in an Active Directory environment is compromising user accounts that allow future lateral and horizontal movement. When Kerberos authentication […]

Exchange Online Content Filtering Bypass: Defeating Microsoft’s URL Sandboxer

Tl;dr SOPHTIX Security Team found a bypass for Microsoft’s phishing and malware content filtering for inbound email in Exchange Online. The bypass allows threat actors to include malicious links in phishing email messages sent to mailboxes hosted in Exchange Online, leaving organizations utilizing Microsoft 365 Business and Enterprise solutions prone to attack. Through the use […]