Tenable

MARCH 11, 2022

The 2021 Threat Landscape Retrospective explored the top five vulnerabilities of the year. When putting together the Threat Landscape Retrospective (TLR) for 2021 , the Security Response Team had a particularly difficult challenge picking the top five vulnerabilities for the year out of the many candidates. How we chose the 2021 Top 5.

Windows 145

Windows Groups LAN Authentication 145

Tenable

AUGUST 10, 2021

Microsoft patched 44 CVEs in the August 2021 Patch Tuesday release, including seven CVEs rated as critical and 37 rated as important. This is the second time in 2021 that Microsoft has patched less than 50 vulnerabilities in a Patch Tuesday release. CVE-2021-26424 | Windows TCP/IP Remote Code Execution Vulnerability. 7 Critical.

Windows 100

Windows Azure LAN .Net 100

Tenable

FEBRUARY 13, 2024

Successful exploitation of this flaw would allow an attacker to relay a New Technology LAN Manager Version 2 (NTLMv2) hash against a vulnerable server. In order to exploit this flaw, an attacker would need to be authenticated with LAN-access and have a valid login for an Exchange user.

LAN 132

LAN Windows Azure Internet 132

Tenable

SEPTEMBER 14, 2020

Security researchers reveal how the cryptographic authentication scheme in Netlogon can be exploited to take control of a Windows domain controller (DC). An attacker can exploit this flaw to impersonate the identity of any machine on a network when attempting to authenticate to the Domain Controller (DC). Background. the maximum score.

Windows 121

Windows LAN Backup Authentication 121

Tenable

MAY 10, 2022

Windows Authentication Methods. However, when chained with a new technology LAN manager (NTLM) relay attack, the combined CVSSv3 score for the attack chain is 9.8. An unauthenticated attacker could coerce domain controllers to authenticate to an attacker-controller server using NTLM. Role: Windows Hyper-V. Visual Studio.

Windows 100

Windows Authentication LAN Policies 100

Netflix Tech

AUGUST 30, 2021

On the RAE, there exists a service called the Local Registry, which is responsible for detecting, onboarding, and maintaining information about all devices connected to the LAN side of the RAE. Thus, the implemented solution must integrate with Netflix Spring facilities for authentication and metrics support at the very minimum?—?the

Software Review 89

Software Review Systems Review Windows Testing 89

Altexsoft

OCTOBER 15, 2018

These services require biometric authentication and integration into government systems to allow a customs officer to view the status of a passenger. Information is distributed through the airport radio system, or displayed on a PC connected via the airport LAN or on mobile devices. Ear acoustic authentication. Baggage handling.

Software Review 75

Software Review Software Technical Review Technology 75