check before: 2021-02-28
Azure Advanced Threat Protection, Defender
World tenant, Online
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol, also known as Netlogon Elevation of Privilege Vulnerability. Defender for Identity already has a detection for this, but this improvement adds capabilities to determine potential encryption and null source account logic detection to the alert, improving accuracy and potential for false positives.
an advanced plan is required to see all details
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose for a plan.