Preventing samaccountname spoofing and kdc bamboozing

Author: Biju Varghese – The year 2021 has been challenging for users of Microsoft Active Directory. From late December 2020, we saw significant vulnerability disclosures like Zerologon or Print Nightmare that attackers could use to take over an entire domain. Two more vulnerability disclosures this month make things worse. The sAMAccountName spoofing and KDC bamboozling vulnerabilities have made an attacker’s life easy as they have publicly available exploit code. Microsoft releases security patches for these vulnerabilities, and we strongly urge everyone to deploy them at the earliest to protect themselves from domain compromise.