Blog Entries

04. 01. 2023 Mirko Morandini Asset Management, Unified Monitoring

Using GLPI with the Metabase Open Source BI Tool for Visualizing Rich Reports and Dashboards

Asset management/CMDB tools play (or should play!) a central role in IT operations and management, gathering data from hardware assets on contracts, software licenses, network configurations, tickets and many more. The key task is to keep all this data consistent and up to date. Rigor in manual data insertion and the careful integration of automation…

Read More
02. 01. 2023 Beatrice Dall'Omo Red Team, SEC4U

Focus on the noPac Attack

In December 2021 Microsoft revealed two vulnerabilities concerning an Active Directory Domain Services privilege elevation, classified as CVE-2021-42278 and CVE-2021-42287. By combining the two exploits in the so-called noPac attack, a malicious actor could perform a privilege escalation by impersonating the Domain Administrator after starting out as a standard user. This would lead to a…

Read More

Archive