Author Posts: Yaron Zinar

NTLM Reflection Attack? Not for Preempt Customers

NTLM strikes again! Microsoft released a patch this week, CVE-2019-1384, which addresses a bypass vulnerability that allows attackers to successfully...

Security Advisory: Targeting AD FS With External Brute-Force Attacks

On July 2019 Patch Tuesday, Microsoft released a patch for CVE-2019-1126, an important vulnerability discovered by Preempt Research Labs. The...

How to Easily Bypass EPA to Compromise any Web Server that Supports Windows Integrated Authentication

As announced in our recent security advisory, Preempt researchers discovered how to bypass the Enhanced Protection for Authentication (EPA) mechanism...

Security Advisory: Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two vulnerabilities discovered by Preempt researchers. The critical...

New Microsoft Exchange Vulnerability Exposes Domain Admin Privileges: Here’s What to Do

Last week, the CERT Coordination Center (CERT/CC) issued a vulnerability note warning versions of Microsoft Exchange 2013 and newer are...