Last Week in Security (LWiS) - 2020-05-18

A COM-based lateral movement from @bohops, a new potato windows LPE variant from @splinter_code, a local Windows brute forcer from @DarkCoderSc, and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the previous week. This post covers 2020-05-11 to 2020-05-18. MITRE ATT&CK techniques are in brackets where appropriate.



Tools and Exploits


  • vscode-drawio brings the great open source diagraming tool into VSCode.
  • yubikey-agent simplifies the arduous yubikey setup process to just a single command. This setup does not create an encrypted backup though, so a lost or broken yubikey cannot be restored.
  • lens is a cross platform IDE for managing Kubernetes clusters. Nothing extra needs to be installed on the pods, just run the app and start managing.

This post is cross-posted on SIXGEN's blog.