Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

PetitPotam - NTLM Relay Attack

Recently published by Lionel Gilles, an offensive security researcher based in France, 'PetitPotam' is a proof-of-concept (PoC) tool used for NT LAN Manager (NTLM) relay attacks that, when executed properly, grants threat actors the ability to take over a Windows Active Directory (AD) domain, including domain controllers (DC), where Active Directory Certificate Services (ADCS) are used. PetitPotam's relay attack applies concepts similar to those of classic in-the-middle (ITM) or replay attacks.

5 Automated Anti-Phishing Protection Techniques

In an age when attackers create over a million phishing sites each month, and phishing serves as a beachhead for 95 percent of all attacks against enterprise networks, how can businesses respond? Part of the answer lies in educating users to recognize and report phishing, of course. But user education only goes so far – particularly because the same statistics cited above show that, on average, only 3 percent of users will report phishing emails.

Remember a Polaroid? Why This Matters and How Tripwire Keeps this Tradition Alive

We’re going to talk about state versus change. For the purposes of our discussion, you need to know that Tripwire Enterprise offers something called TE Commander. Many enterprise applications lack a native command line interface. This can be a challenge if you want to automate and integrate basic operations, which is a necessary function in most enterprise IT environments.

Five worthy reads: The never-ending love story between cyberattacks and healthcare

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about the legacy between the healthcare industry and cyberattacks, the vulnerable points in the healthcare system, and how risks can be mitigated. Did you know that for the 10th year in a row, the healthcare industry has seen the highest impact from cyberattacks of any industry?

SQL Injection in WordPress Plugins: ORDER and ORDER BY as Overlooked Injection Points

Trustwave SpiderLabs recently undertook a survey of some 100 popular WordPress plugins for possible SQL Injection vulnerabilities. Some good news is that in the vast majority, no such vulnerabilities were identified. Most plugins were found to be using either prepared statements or suitable sanitization when incorporating user-controlled data in a query.