All news with #ldap tag
Mon, November 17, 2025
Amazon MQ Adds LDAP Authentication to RabbitMQ Brokers
🔐 Amazon MQ now supports LDAP authentication for RabbitMQ brokers in all AWS regions, allowing brokers to authenticate and authorize users against LDAP identity providers. Administrators can manage users and assign permissions to topics and queues using credentials stored in their LDAP server. LDAP support can be enabled when creating or updating brokers via the AWS Console, CloudFormation, CLI, or CDK, and remains compatible with standard RabbitMQ LDAP implementations.
Wed, October 22, 2025
NTLM/LDAP Authentication Bypass (CVE-2025-54918) Analysis
🔍 This analysis examines CVE-2025-54918, a critical NTLM/LDAP authentication bypass that enables privilege escalation from a standard domain user to SYSTEM on Domain Controllers. The vulnerability chains coercion (PrinterBug-style) with NTLM relay and packet manipulation to evade channel binding and LDAP signing. The post outlines the attack flow, detection indicators such as empty usernames and LOCAL_CALL flags, and mitigations using CrowdStrike Falcon capabilities.