Microsoft has released additional details on how businesses can protect their Windows domain controllers and other Windows servers from PetitPotam attacks.
PetitPotam can be used in conjunction with an exploit for Active Directory Certificate Services (AD CS) to gain complete control of a Windows domain.
Last week, France-based security researcher Lionel Gilles (aka Topotam) released a proof-of-concept (PoC) exploitation tool for PetitPotam, and the SANS Institute’s Internet Storm Center published a step-by-step explanation of the attack.
In reaction to the discoveries, Microsoft released an advisory defining PetitPotam as a “typical NTLM Relay Attack” and pointing to previously disclosed mitigations.
To Read More: securityweek
For more such updates follow us on Google News ITsecuritywire News.