Trimarc: Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory
On December 10, NetSPI Security Consultant Jake Karnes was featured in Trimarc:
Jake Karnes (@jakekarnes42) with NetSPI published 3 articles (that’s right 3!) describing a new attack against Microsoft’s Kerberos implementation in Active Directory. He posted an Overview article, describing how the attack works, an Attack article on practical exploitation, and if you need further background on Kerberos, a Theory article.
This article attempts to summarize the key details of the attack and provide some expanded information and potential attack scenarios, including how Active Directory could be compromised leveraging this attack method.
Read the full article here: https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory
Explore More News
EY US Unveils Aaron Shilts of NetSPI as an Entrepreneur Of The Year® 2025 Heartland Award Finalist
Ernst & Young LLP (EY US) announced Aaron Shilts, President and CEO at NetSPI, as a finalist for the prestigious Entrepreneur Of The Year 2025 Heartland Award.
Cyber Security Tribe: Experts Reveal How Agentic AI Is Shaping Cybersecurity in 2025
NetSPI President and CEO Aaron Shilts was featured in Cybersecurity Tribe’s article on how agentic AI is transforming cybersecurity practices in 2025.
Sky News: What Should M&S Customers Do After Criminals Stole Personal Data in Huge Attack?
Sky News reported on the growing concerns from NetSPI cybersecurity experts following M&S confirmation that personal customer data was stolen.