January 2024

Episode 03 | Published January 9, 2024 | 33 minute watch

Summary

Two January 2024 Microsoft bugs revive problems most teams thought were settled. CVE-2024-20674 lets an attacker run a machine-in-the-middle attack against Windows Kerberos from the local network, which Jason Kikta calls pure ransomware fuel for anyone running on-premises or hybrid Active Directory. CVE-2024-20666 bypasses BitLocker device encryption with physical access, undermining the remote-wipe and lost-laptop protections corporations rely on. The team also covers Operation Triangulation, the zero-click iMessage attack chain detailed at the 37th Chaos Communication Congress.