Corelight Bright Ideas Blog

Archives for Aug 2022

Detecting CVE-2022-30216: Windows Server Service Tampering

Detecting CVE-2022-30216: Windows Server Service Tampering

In July 2022, Microsoft disclosed a vulnerability in the Windows Server Service that allows an authenticated user to remotely access a local API call on a domain controller, which triggers an NTLM request. This results in a leak of credentials that... Read more »

Search

    Recent Posts