infosecn1nja
/
AD-Attack-Defense
mirror of https://github.com/infosecn1nja/AD-Attack-Defense.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update README.md

pull/5/head
Rahmat Nurfauzi 2019-06-29 08:12:34 +07:00 committed by GitHub
parent 2f7c071da2
commit eada43fbfe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -426,6 +426,13 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c
* Ensure AD admins (aka Domain Admins) protect their credentials by not logging into untrusted systems (workstations).
* Limit service account rights that are currently DA (or equivalent).
### Important Security Updates
* [CVE-2019-1040 - Windows NTLM Tampering Vulnerability](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1040)
* [CVE-2018-8581 - Microsoft Exchange Server Elevation of Privilege Vulnerability](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8518)
* [CVE-2016-0128 - Windows SAM and LSAD Downgrade Vulnerability](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0128)
* [CVE-2014-6324 - Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780)](https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-068)
* [CVE-2014-1812 - Vulnerability in Group Policy Preferences could allow elevation of privilege](https://support.microsoft.com/en-us/help/2962486/ms14-025-vulnerability-in-group-policy-preferences-could-allow-elevati)
### Detection
|Attack|Event ID|
|------|--------|