Mitja Kolsek
@mkolsek
Followers
4K
Following
33K
Media
287
Statuses
23K
CEO of ACROS Security; Co-founder of 0patch (https://t.co/XQ9EYMnQYX) Bluesky: https://t.co/HhsFBafHK0 Mastodon: @[email protected]
Joined January 2012
RT @YuG0rd: BadSuccessor is dead… or is it?. The patch for CVE-2025-53779 fixed the priv-esc. While no longer a vulnerability, the tactic s….
akamai.com
Read about Microsoft’s patch for BadSuccessor — a vulnerability in Windows Server Active Directory — and learn why its underlying mechanics still matter.
0
32
0
RT @DrCatharineY: Before we mock “shrimp on treadmills” or “marbles in cats,” remember: we once studied Gila monster spit and it led a drug….
0
130
0
RT @buffaloverflow: What comes after the patch? Bypass of course! 😜. Delinea Protocol Handler RCE - Return of the MSI. By my colleague @joh….
0
19
0
RT @haider_kabibo: I found that using RegQueryMultipleValuesW to read sensitive registry values bypasses nearly all the EDRs I tested. Alon….
0
52
0
RT @techspence: Are you an IT admin whose responsible for dealing with AppLocker? . Do you struggle to wrangle all your policies? . Are you….
0
22
0
RT @RedTeamPT: By intentionally coercing a host to open a share with a virus (or an EICAR test file), Windows Defender re-connects with com….
0
11
0
RT @SpecterOps: Hosts running the WebClient service are prime targets for NTLM relay attacks, and it may be possible to start the service r….
specterops.io
A walkthrough to answer the question: "Can you start the WebClient service remotely as a low privileged user?"
0
59
0
RT @joernchen: Today I have a more serious topic than usual, please consider reposting for reach:. My wife and I are urgently looking for a….
0
111
0
RT @RubenLabs: You didn’t click, but your password challenge is leaked. I’m excited to share my latest research: CVE-2025-50154, a high se….
cymulate.com
Learn about CVE-2025-50154 and its risk of NTLM attacks and RCE even after Microsoft’s fix for CVE-2025-24054.
0
34
0
RT @RubenLabs: Find the POC for my new finding, CVE-2025-50154, a zero day vulnerability on windows file explorer disclosing NTLMv2-SSP wit….
github.com
POC for CVE-2025-50154, a zero day vulnerability on windows file explorer disclosing NTLMv2-SSP without user interaction. It is a bypass for the CVE-2025-24054 Security Patch - rubenformation/CVE-2...
0
18
0
RT @0patch: We'd like to thank Filip Dragović (@filip_dragovic). for sharing their finding and their POC, which allowed us to reproduce the….
0
6
0