TL;DR At TROOPERS25, security researcher Fabian Mosch (r-tec Cyber Security) showed a new way to move laterally in Windows: remotely tweak BitLocker settings so a planted file runs under the currently logged-in user on the target. If that user has broad rights, an attacker can quickly fan out. Zero Networks Segment shuts this path down by default – peer-to-peer SMB is denied and the required RPC ports aren’t open unless you’ve explicitly allowed them. No CVE chase needed…
