TLDR AD-integrated DNS zones let any authenticated user create new DNS records by default. A low-privileged domain user can add a wildcard record (*) pointing to their own IP, which means every DN...

TLDR ESC17 is a new ADCS vulnerability class where a certificate template with Server Authentication EKU and Enrollee-Supplied Subject (SAN) allows a low-privileged user to obtain a valid TLS cert...

Executive Summary On 10 June 2025, Microsoft released a total of 66 different vulnerabilities 2 being zero-day ones and patches to mitigate these vulnerabilities. One of the zero-day vulnerabiliti...

Executive Summary On 23.05.2025, a new attack method exploiting the design flaw of the Delegated Managed Service Account (dMSA) feature that comes with Windows Server 2025 was detected and the exp...

Active Directory Certificate Services (ADCS) play a critical role in managing and securing the digital identities of users and devices in enterprise environments. However, vulnerabilities in this s...

Alert This report presents the preliminary analysis conducted following the detection of a suspicious PowerShell script execution. The incident transpired on September 5, 2021, at 12:43 PM. Alert ...

What? In this article, we will embark on a fascinating journey into the intricate world of Windows system calls. Our exploration is divided into two major segments: User-Side and Kernel-Side. Use...

Ever wondered how experts figure out what malware is up to? They use cool techniques like Static, Dynamic, and Behavioral analyses. Think of it like this: Static analysis is like reading a recipe w...

Why is DLL Injection used? Most cracked programs, cheats used in games, malicious software, etc., utilize a method known as DLL Injection to modify specific data types (int, float, etc.) in the vi...

In today’s cybersecurity landscape, the increasing sophistication of malicious scripts and their multi-layered functionalities are becoming a pertinent threat. One such complex example recently cau...