CVE Series: noPac (CVE-2021-42278 and CVE-2021-42287)
Ready to defend your organization against the critical noPac double vulnerability (CVE-2021-42278 and CVE-2021-42287) that can lead to advanced privilege escalation on Windows systems? Get ahead of the curve in this hands-on course that allows you to both exploit and mitigate this vulnerability with potentially significant, far-reaching impacts.
Exploiting the noPac Attack
Identifying the noPac Attack
Introduction and Background
Mitigating the noPac Attack
Who should take this course?Our noPac double vulnerability (CVE-2021-42278 and CVE-2021-42287) course is designed for anyone defensive and offensive security professionals. Penetration testers, red teamers, security and vulnerability analysts, and system administrators can take this course to learn how to protect against this critical vulnerability impacting enterprise systems or to exploit the vulnerability in their own testing activities.
Why should I take this course?Following in the footsteps of both the Polkit and Log4j vulnerabilities, the noPac combined vulnerability is powerful and dangerous. In December 2021, the public exploit for noPac was released, which merged two Microsoft Active Directory design flaws. Attackers can exploit CVE-2021-42287, a privilege escalation flaw, as well as CVE-2021-42278, a security bypass vulnerability, to quickly gain access to a compromised system's domain controller in a matter of seconds. When exploited, adversaries can leverage noPac to escalate privileges to impersonate a domain administrator, where they can initiate a ransomware or domain takeover attack.
It is important to patch this double vulnerability as soon as possible, because it has put many systems at risk. Our course discusses the official patch, as well as additional methods for mitigating and preventing exploitation of the vulnerability that depend on your system preferences. Gain hands-on experience with exploiting and mitigating this vulnerability in a secure virtual lab environment, giving you the skills you need to protect your organization.
What makes this course different from other courses on similar topics?This course specifically covers a critical vulnerability that could affect your organization. By the end of this course, you will be able to:
This course is taught by Raymond Evans, a member of the CyDefe team. CyDefe develops and operates capture-the-flag (CTF) style environments, and this course focuses on presenting learners with virtual labs where you can dirctly apply what you've learned.