Category: Security Advisory

Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication

As announced in our recent security advisory, Preempt researchers discovered a critical vulnerability that allows attackers to retrieve the session...
Read Now

Security Advisory: Critical Vulnerabilities in NTLM Allow Remote Code Execution and Cloud Resources Compromise

On June 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1040 and CVE-2019-1019, two vulnerabilities discovered by Preempt researchers. The critical...
Read Now

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability...
Read Now

Security Advisory: Critical Vulnerability in CredSSP Allows Remote Code Execution on Servers Through MS-RDP (Video)

In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a vulnerability discovered by Preempt researchers. The vulnerability consists of...
Read Now

Advisory: Flaw in Azure AD Connect Software Can Allow Stealthy Admins to Gain Full Domain Control

By: Roman Blachman and Yaron Zinar We recently reviewed a customer’s network and found that 85%(!) of all users in the network...
Read Now