image credit: Unsplash

Attacks abuse Microsoft DHCP to spoof DNS records and steal secrets

December 8, 2023

A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers.

We’re told the attacks – which are usable against servers running the default configuration of Microsoft Dynamic Host Configuration Protocol (DHCP) servers – don’t require any credentials.

Akamai says it reported the issues to Redmond, which isn’t planning to fix the issue. Microsoft did not respond to The Register’s inquiries.

Read More on The Register