active-directory - Cyberbeat Blog

Kerberoasting: How Attackers Crack AD Service Accounts

Background Kerberoasting is an attack technique that leverages the Kerberos authentication protocol used by Microsoft Active Directory to extract password hashes from service accounts and crack them offline. The method relies on the presence of Service Principal Names (SPNs) associated with user or computer accounts in AD. When a client

Edgerunner 20 May 2026 8 min read

cve cve mitre-attack patch-management

CISA KEV Deep Dive: EPMM and PAN-OS Exploits

CISA added EPMM (CVE-2026-6973) and PAN-OS OOB (CVE-2026-0300) to the Known Exploited list. See how threat actors leverage these flaws for privilege escalation, lateral movement, and real-world compromise.

Edgerunner 08 May 2026 4 min read

cve cve threat-intelligence patch-management

Tenda Cookie Hijack Still Plagues Legacy Firmware—Why Patching Isn’t Optional

CISA-NIST alert highlights active Tenda W308R cookie hijack on V5.07.48—operators must patch legacy firmware or risk unauthorized IoT control.

Edgerunner 07 May 2026 4 min read

patch-management patch-management cve opinion

Compliance ≠ Security: Why Passing Audits Isn’t Enough

Organizations confuse compliance documentation with true security posture—audit evidence rarely reveals unpatched vulnerabilities like CVE-2026-35051 or CVE-2026-39858.

Edgerunner 06 May 2026 1 min read

cve cve mitre-attack patch-management

Traefik Auth Bypass: What You Must Patch Before It Hits Production

CVE-2026-39858 allows authentication bypass in Traefik proxies pre-2.11.43. Review official patch steps and mitigate exposure.

Edgerunner 06 May 2026 4 min read