Microsoft Shares Guidelines To Help Admins Fight KrbRelayUp Attacks

Share post:

Microsoft has developed a common guide to help administrators effectively protect their Windows enterprise environment from KrbRelayUp attacks.

Administrators are advised to secure communication between LDAP clients and Active Directory (AD) domain controllers by forcing the signature of the LDAP server and enabling Extended Protection for Authentication (EPA).

The Microsoft 365 Defender Research also provides additional details about how the KrbRelayUp attack works and more information about how to improve device configuration.

The KrbRelayUp attack involves exploiting the KrbRelayUp tool, developed by security researcher Mor Davidovich as an open-source wrapper for Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker and ADCSPwn privilege escalation tools.

Exploiting the KrbRelayUp tool allows attackers to gain SYSTEM privileges on Windows systems with default configurations.

According to Microsoft, the privilege escalation tool does not work against organizations with cloud-based Azure Active Directory environments. However, KrbRelayUp can help compromise Azure virtual machines in hybrid AD environments where domain controllers are synchronized with Azure AD.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

US Defence Contractor Fined 4.6 Million For Failing To Meet Cyber Security Requirements.

A U.S. defence contractor, MORSE Corp, has agreed to pay $4.6 million to settle allegations of failing to...

Tech Aide on U.S. Government Efficiency Team Linked to Cybercrime Group

A 19-year-old staffer working on the U.S. Department of Government Efficiency (DOGE) initiative has been linked to a...

Top U.S. Security Officials Have Even More Data Exposed Through Public Apps, Chats, and Data Leaks

A new investigation has revealed that personal information belonging to senior U.S. security officials — including active phone...

Trump Administration Officials Accidentally Text Journalist Secret U.S. War Plans

The Atlantic’s editor-in-chief Jeffrey Goldberg says he was mistakenly added to a Signal group chat discussing classified U.S....

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways