Security Advisory: Targeting AD FS With External Brute-Force Attacks

Posted by Yaron Zinar on Jul 9, 2019 10:06:47 AM

On July 2019 Patch Tuesday, Microsoft released a patch for CVE-2019-1126, an important vulnerability discovered by Preempt Research Labs. The vulnerability discovered leads to security issues that create a wide scale denial-of-service against exposed organizations, and potentially, identity compromise.

While Microsoft only released one patch, we believe there are two vulnerabilities that allow attackers to remotely launch brute-force attacks on AD FS servers from the outside of the network. Attackers can bypass the Extranet Lockout Protection security feature and also bypass the Microsoft AD lockout policy(!) in certain scenarios. The implications vary between account compromise (due to weak passwords) or a massive denial-of-service to all domain accounts. All AD FS versions are vulnerable.

Read the press release

Read More

Topics: password brute force, Security Advisory, ADFS

One Organization's Dilemma: Adding Security for Cloud Apps With Less User Disruption

Posted by Phil Meneses on May 31, 2018 1:42:59 PM

Late last year, we began conversations with the Tuck School of Business at Dartmouth College about their current security concerns. Like many organizations, a portion of their workloads are moving from on-premises to the cloud. One of the big concerns about moving to the cloud is how to secure infrastructure as companies currently do from within the defined perimeter of their internal network. They also needed to provide added security without heavily impacting the end user (students, faculty, and staff) experience. Because these are common concerns for many other organizations, I’d like to share how we helped this customer overcome these security concerns.

Read More

Topics: Multi-factor Authentication, Microsoft, Cloud, ADFS