Microsoft Security Advisory for ADCS exploit – ADV210003

PKI Solutions Logo

This morning we provided details to our existing support and co-management customers on a recent notice of vulnerability to certain Microsoft ADCS configurations. The exploit involves NTLM and leveraging some ADCS PKI components. Full details can be found here: https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV210003. Summary In environments with NTLM authentication still enabled in Active Directory and when using ADCS…

Read More

Targeting the Extended Supply Chain – a Brief Review of Stuxnet

Peter DiToro Strategic Advisor For PKI Solutions

In November, 2010 Iranian president Mahmoud Ahmadinejad announced that a “cyber weapon” had been deployed against the Natanz nuclear laboratory. Indeed, some infosec pundits subsequently referred to the attack, called “Stuxnet”, as the first true cyber weapon to be used in anger. While that may be debatable, what is not in question is the design,…

Read More

Our Advanced PKI Training Course Is Now Online

ADCS Advance Training Course PKI Solutions

Now is the time to keep your PKI healthy – now more than ever. The key to operating and maintaining your PKI is understanding how it all works. We all know that PKIs are the foundational backbone of enterprise IT security, IoT, and industry specific security standards. Ensuring the security and integrity of your PKI…

Read More

Are You Managing Your Secrets?

Is Your Binary Locked? PKI Solutions

Do you know where your organization’s secrets are kept? The modern IT landscape is filled with secrets: certificates, cryptocurrency wallets, SQL connection strings, storage account keys, passwords, and encryption keys. Getting a handle on secrets management can be a top challenge. Knowing where secrets are kept in the company is critical – and sometimes easier…

Read More