Back

ZDNet: Proof-of-concept exploit code published for new Kerberos Bronze Bit attack

News NetSPI in the News
| Jake Karnes

On December 10, NetSPI Security Consultant Jake Karnes was featured in ZDNet:

Proof-of-concept exploit code has been published this week for a new attack technique that can bypass the Kerberos authentication protocol in Windows environments and let intruders access sensitive network-connected services.

Named the Bronze Bit attack, or CVE-2020-17049, patching this bug caused quite the issue for Microsoft already.

The OS maker delivered an initial fix for Bronze Bit attacks in the November 2020 Patch Tuesday, but the patch caused authentication issues for Microsoft’s customers, and a new update had to be deployed this month to fix the previous issues.

On Wednesday, a day after Microsoft delivered the final patches, Jake Karnes, a security engineer at NetSPI, published a technical breakdown of the vulnerability so network defenders can understand how they are vulnerable and why they need to update, despite the patching process’ rocky start.

Read the full article here: https://www.zdnet.com/article/proof-of-concept-exploit-code-published-for-new-kerberos-bronze-bit-attack/

SHARE
Jake Karnes

Recent Posts

NetSPI Achieves Prestigious CBEST Accreditation, Solidifying Its Position as a Trusted Leader in Financial Services Security Testing
NewsPress Release
April 2, 2024

NetSPI Achieves Prestigious CBEST Accreditation, Solidifying Its Position as a Trusted Leader in Financial Services Security Testing

Expert Insights: Top 9 Breach And Attack Simulation Solutions
NewsNetSPI in the News
March 25, 2024

Expert Insights: Top 9 Breach And Attack Simulation Solutions

NetSPI Recognized as a Top USA Workplace for 2024
NewsPress Release
March 19, 2024

NetSPI Recognized as a Top USA Workplace for 2024

Discover how the NetSPI BAS solution helps organizations validate the efficacy of existing security controls and understand their Security Posture and Readiness.

Learn More
X