BF-SIRT Newsletter 2017-28

The top stories from this week is a Kerberos SNAME security feature bypass vulnerability (sound autoplays), and new LDAP & RDP relay vulnerabilities in NTLM.

You can also read about how Magecart attackers monetize stolen payment card info, or how attackers are increasingly living off the land.

Top 5 Security links:
Kerberos SNAME Security Feature Bypass Vulnerability (sound autoplays)
New LDAP & RDP Relay Vulnerabilities in NTLM
How Magecart Attackers Monetize Stolen Payment Card Info
Attackers are Increasingly Living Off the Land
Google patches pwnable ‘droids for Wi-Fi vuln