Author Posts: Yaron Zinar

Security Advisory: Critical Vulnerability in CredSSP Allows Remote Code Execution on Servers Through MS-RDP (Video)

In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a vulnerability discovered by Preempt researchers. The vulnerability consists of...

Lessons from Black Hat USA 2017: Defense in Depth

Last month I attended the Black Hat USA 2017 conference. It did not disappoint. Overall the event and packed agenda...

New LDAP & RDP Relay Vulnerabilities in NTLM

Over the past few months, the Preempt research team discovered and reported two Microsoft NT LAN Manager (NTLM) vulnerabilities. These...

How to Stop NotPetya and Similar Ransomware from Spreading in the Network

NotPetya, a recent malware, masquerading as the known Petya ransomware started wreaking havoc at a world scale last week. Initially,...

1 in 5 Enterprise Passwords Can Be Easily Compromised

Recently, the new draft of NIST guidelines was released and proposed a shift in password strategy from periodic changes with...