Zero Labs (@zeronlabs) 's Twitter Profile
Zero Labs

@zeronlabs

Zero Networks Research team, specializing in open source security tools for defenders.
Join our slack at bit.ly/3N9KjEb

ID: 1668656384722731010

Link: https://zeronetworks.com/open-source-security-tools/
13-06-2023 16:27:50

113 Tweet

132 Followers

26 Following

Zero Labs (@zeronlabs) 's Twitter Profile Photo

#ShadowHound by Yehuda Smirnov evades EDRs by operating as a PS module & using a stealthy LDAP search query. 🚨Block it with our free #LDAPFirewall tool! github.com/Friends-Securi…

Tal Be'ery (@talbeerysec) 's Twitter Profile Photo

Unauthenticated Remote Code Execution (RCE) on Domain Controllers (DC). It does not get worse than that. Probably will be included in #ransomware campaigns. Any technical analysis of CVE-2024-49112 published? CC: 🥝🏳️‍🌈 Benjamin Delpy Will Schroeder Andy Robbins

Zero Labs (@zeronlabs) 's Twitter Profile Photo

Hi all! We released a native version for WTF-WFP, supporting a limited number of operations. Especially good for those instances when you can't use #PowerShell module #NtObjectManager. /bypass command will skip the entire layer of filters github.com/zeronetworks/W…

Zero Networks (@zeronetworks) 's Twitter Profile Photo

🎉2024 brought remarkable growth, new faces to #ZeroNation, and plenty of fun moments together 💪🏼🚀. To our customers, partners, investors, and team—thank you for an incredible year; here’s to a successful and inspiring 2025! 🥂 #ZeroNetworks #NewYear2025 #Cybersecurity

Zero Labs (@zeronlabs) 's Twitter Profile Photo

When we first published "What the Filter" we never thought we would have more than 100 downloads, let alone a thousand. We're happy to see the community getting value with the latest version bypassing the 1000 mark! 🏆 powershellgallery.com/packages/wtf-w…

Sagie Dulce (@sagiedulce) 's Twitter Profile Photo

Nice work by Yaron Zinar & CrowdStrike promoting LDAP Security to detect suspicious LDAP activities. crowdstrike.com/en-us/blog/ins… Maybe someone wants to slap an AI agent on their #LDAPFirewall for similar results? :) github.com/zeronetworks/l…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

This one checks a lot of #LateralMovement TTPs. Could have been nicely blocked by #LDAPFirewall & #RPCFirewall + some #NetworkSegmentation How #blackSuit #ransomware spread from first fake #zoom installer -> d3f@ckloader #IDAT #SectopRAT thedfirreport.com/2025/03/31/fak…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

Did you know that you can block DCOM via the #RPCFirewall? Make sure you're protected against #RemoteMonologue #NTLM #Coersion ! github.com/zeronetworks/r…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

A handy list of LDAP search filters used by common enumeration tools, compiled by Unit 42 (Palo Alto Networks). The best part? You can block all of them with our open-source #LDAPFW! 📷 Full article: unit42.paloaltonetworks.com/lightweight-di… Get started: github.com/zeronetworks/l…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

CVE-2025-29969 is an RPC #RemoteCodeExecution vulnerability, base score 7.5. Exploits a time-of-check time-of-use & affects Windows vers 2025, 2022, 2019, 2016, 2012 R2, 2012, 2008 R2 SP1, 2008 SP2; Win 11 22H2/23H2/24H2, Win 10 1607/1809/21H2/22H2. msrc.microsoft.com/update-guide/v…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

A new open source tool to visualize #LDAP data over #Neo4j graph database: #Neo4LDAP by krp! And, you can inject data directly from #BloodHound 🐕 Check it out here: github.com/Krypteria/Neo4…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

Excellent writeup by Argentix on #WMI #LateralMovement Didn't mention mitigation via #RPCFirewall, which could be achieved by blocking remote #DCOM operations blog.fndsec.net/2024/09/11/wmi…

Sagie Dulce (@sagiedulce) 's Twitter Profile Photo

My thoughts about CVE-2025-33073, and on how to prevent #NTLM / #Kerberos relay attacks in general using #RPCFirewall & #LDAPFirewall zeronetworks.com/blog/examining…

Zero Labs (@zeronlabs) 's Twitter Profile Photo

#NauthNRPC is a tool that can help you enumerate computer / user accounts anonymously in #ActiveDirectory via DsrGetDcNameEx2 RPC calls. This is not often used in most environments, so it could be blocked via #RPCFirewall. Nice job by Haidar 🏆🏆 hubs.li/Q03tvVVY0