Security Consultant / Penetration Tester for @NetSPI. All tweets/etc. are my own.

Joined July 2014
All the details for CVE-2020-17049 are now available! The overview contains a summary of the vulnerability and its exploit, including links to 2 deep dive posts which cover much more. blog.netspi.com/cve-2020-170…
6
174
284
The follow-up "Theory" post explains the vulnerability from start to finish. If you've wanted to brush up on your Kerberos and Delegation knowledge, here's a great place to dive in: blog.netspi.com/cve-2020-170…
1
7
18
I'm excited to share that CVE-2020-17049 has been issued for a vulnerability that I found. There are more details to come, but I'll be holding off publishing for now while the patchwork is still ongoing. msrc.microsoft.com/update-gu…
3
12
59