Summary
Two January 2024 Microsoft bugs revive problems most teams thought were settled. CVE-2024-20674 lets an attacker run a machine-in-the-middle attack against Windows Kerberos from the local network, which Jason Kikta calls pure ransomware fuel for anyone running on-premises or hybrid Active Directory. CVE-2024-20666 bypasses BitLocker device encryption with physical access, undermining the remote-wipe and lost-laptop protections corporations rely on. The team also covers Operation Triangulation, the zero-click iMessage attack chain detailed at the 37th Chaos Communication Congress.
)
)
)
)
)