Daiichi Sankyo dará a conocer nuevos datos de sus anticuerpos conjugados (ADCs) DXd en el Congreso de la Sociedad Europea de Oncología Médica 2025 (#ESMO25),

Introduction: The recent Hack The Box France Meetup highlighted critical shifts in offensive security, moving beyond standard penetration testing into specialized realms of automated code auditing, proactive purple teaming, and advanced Active Directory Certificate Services exploitation. These disciplines represent the evolving frontline where defenders and attackers battle over enterprise infrastructure security, requiring updated toolkits and methodologies for both red and blue teams.

The company will instead focus its attention on advancing candidates for modalities that include biologics and ADCs.

Izalontamab brengitecan showed signals of activity in patients with pretreated locally advanced or metastatic urothelial carcinoma.

Tubulis is headed to one of the leading cancer R&D conferences with the fifth-largest private biotech fundraise of 2025. The Munich-based ADC biotech will present its first clinical data at the European Society for Medical ...

The article describes a sophisticated attack chain targeting Active Directory environments, leveraging Discretionary Access Control List (DACL) permissions and Active Directory Certificate Services (ADCS) exploits to compromise domain security. The attack begins with the restoration of a deleted object from the Active Directory Recycle Bin, which provides the attacker with a foothold to exploit DACL permissions. DACLs define access rights within Active Directory, and misconfigurations can grant attackers unintended privileges, facilitating lateral movement and privilege escalation. A critical component of this attack is the exploitation of ADCS through the ESC15 technique, which likely involves manipulating certificate templates or request processes to obtain certificates with elevated permissions, ultimately leading to domain compromise. The article mentions the use of Bloodhound, a popular tool for visualizing and analyzing attack paths in Active Directory, which helps attackers identify misconfigured permissions and potential paths for privilege escalation. Organizations must regularly audit DACL settings to ensure that permissions are correctly configured and that no unintended access rights are granted. The ability to restore deleted objects can be a double-edged sword, as it can also be exploited by attackers. Access to the Recycle Bin should be tightly controlled and monitored. ADCS is a frequent target for privilege escalation attacks, and organizations should review and secure certificate templates to ensure that only authorized users can request certificates with elevated privileges. While attackers use Bloodhound to identify attack paths, defenders can leverage it to proactively identify and remediate potential vulnerabilities in their Active Directory environments. This attack chain underscores the complexity and interconnectedness of Active Directory environments, highlighting the need for comprehensive monitoring, regular audits, and robust configuration management practices. Regular audits of DACL permissions and ADCS configurations are essential to identify and remediate potential vulnerabilities. Implementing strict access controls and monitoring for the Active Directory Recycle Bin can prevent unauthorized restorations. Ensuring that certificate templates are configured securely and that only authorized users can request certificates with elevated privileges is crucial. Using tools like Bloodhound defensively can help identify and mitigate attack paths before they can be exploited by attackers. In conclusion, this attack chain serves as a reminder of the critical importance of securing Active Directory environments. By understanding and addressing these vulnerabilities, organizations can better protect themselves against sophisticated attacks targeting their domain infrastructure.