Trimarc: Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory
On December 10, NetSPI Security Consultant Jake Karnes was featured in Trimarc:
Jake Karnes (@jakekarnes42) with NetSPI published 3 articles (that’s right 3!) describing a new attack against Microsoft’s Kerberos implementation in Active Directory. He posted an Overview article, describing how the attack works, an Attack article on practical exploitation, and if you need further background on Kerberos, a Theory article.
This article attempts to summarize the key details of the attack and provide some expanded information and potential attack scenarios, including how Active Directory could be compromised leveraging this attack method.
Read the full article here: https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory
Explore More News
NetSPI Named a Minnesota Top Workplace 2025 for Fifth Year in a Row
NetSPI earned a Top Workplaces 2025 award, the Star Tribune’s annual recognition of the best local companies, marking the fifth consecutive year NetSPI has received this prestigious honor.
NetSPI Publishes Continuous Threat Exposure Management (CTEM) For Dummies, NetSPI Special Edition
NetSPI, the proactive security solution, is excited to announce the release of Continuous Threat Exposure Management (CTEM) For Dummies, NetSPI Special Edition.
TechChannel: Hacking With ChatGPT
NetSPI Field CISO Nabil Hannan was featured in TechChannel’s article on how LLMs like ChatGPT are accelerating cyberattacks and lowering the barrier to entry.