Tom Tervoort, a senior security specialist with Netherlands-based Secura, joins the Aperture Podcast to discuss the Zerologon vulnerability in Windows Netlogon. This critical crypto bug in the Netlogon authentication mechanism was discovered by Tom and the Secura team, and patched in August by Microsoft. Since then, exploit code has surfaced and the vulnerability has been used by two separate APT groups. Tom discusses how he "accidentally" discovered Zerologon, the risks posed by successful exploits, how and why APTs might use it, and the resources required to use it in attacks against Active Directory, domain controllers, and other Windows authentication mechanisms. 

Ver todos los episodios