Reportar una Violación
Customer Portal
NTDS.dit Dumping via Print Spooler Abuse
← Volver a Laboratorios
Medium
LOLBin, Campaign
Defense Evasion
Windows, Sysmon, EDR

NTDS.dit Dumping via Print Spooler Abuse

A principios de 2026, los actores de amenazas explotaron vulnerabilidades en SolarWinds Web Help Desk, incluyendo CVE-2025-40551 y CVE-2025-40536, para obtener acceso inicial y escalar privilegios en servidores vulnerables. Los atacantes luego aprovecharon la herramienta de Windows print.exe para extraer información sensible y exfiltrarla.

Download PDF

labs correlati

When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft
Medium
Bypass, Campaign
Defense Evasion
Windows, Sysmon, EDR

When Forensics Becomes Offensive: Abuse of FTK Imager in the STAC3725 Tradecraft

Scopri di più
Learn more
RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation

Scopri di più
Learn more
BlueHammer windows Zero-Day
Medium
Bypass
Privilege Escalation
Windows, Sysmon, EDR

BlueHammer windows Zero-Day

Scopri di più
Learn more
1 2 3 5

Contacto

Proteja su negocio

Conózcanos
Sorint.Sec España
A/c Norrsken House Barcelona
Passeig del Mare Nostrum, 15
Ciutat Vella, 08039
Barcelona


+34 691 748976
info@sorintsec.es
Pages
Certificaciones
chevron-right