Security news aggregator

Latest coverage for Active Directory

Active Directory manages identities, access, and authentication across Windows networks, making it a target for privilege abuse and lateral movement.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Active Directory is a centralized system that manages user accounts, devices, and permissions within a network domain. It organizes resources hierarchically, enabling authentication and access control across an organization’s IT environment. This structure allows administrators to enforce policies and manage identities consistently.

From a security standpoint, Active Directory is a critical asset because attackers who gain control over it can access or manipulate many network resources. Key risks include credential theft through techniques like Kerberos ticket attacks, privilege escalation by exploiting misconfigured permissions, and persistence via compromised service accounts. Effective defense involves strict access controls, continuous monitoring for unusual account behavior, and regular audits of group memberships and delegated rights to limit exposure.

Volume over time

Weekly headline count for the current query.

Showing 10 most recent headlines Filtered view
Bank Info Security 5 months, 1 week ago

Semperis Buys MightyID to Expand Identity Security

Acquisition Adds Okta and Ping Coverage to Semperis' Identity Security PlatformSemperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration.

Bank Info Security 5 months, 1 week ago

Semperis Buys MightyID to Expand Identity Security

Acquisition Adds Okta and Ping Coverage to Semperis' Identity Security PlatformSemperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration.

Bank Info Security 11 months, 3 weeks ago

Scattered Spider Exploiting VMware vSphere

Hacking Tactics Linked to Retail, Airline CompromisesThe loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds a yet another layer of insecurity.

Semperis Warns of Flaw in Windows Server 2025 Delegated Managed Service AccountsA critical cryptographic flaw in Windows Server 2025's delegated Managed Service Accounts, or dMSAs, allows attackers to generate passwords for every managed service account across an Active Directory forest and create a backdoor, Semperis researchers found.

Domain Controllers Commandeered to Distribute Malware, Warns MicrosoftRansomware hackers are hitting up Active Directory domain controllers to boost privileges within compromised networks, warns Microsoft. Nearly eight out of every 10 human-operated cyberattacks involves a breached domain controller. Securing the servers is a challenge.

Semperis CEO Mickey Bresman: AD’s Technical Debt Makes It a Prime Cyber TargetFrom weak service account passwords to sync gaps with cloud platforms, Active Directory’s age is showing. Semperis CEO Mickey Bresman says organizations still underestimate how central AD is to their threat landscape - and the difficulty of fixing what’s been built over decades.

Bank Info Security 2 years, 4 months ago

'Silver SAML' Haunts Entra ID SIngle Sign On Security

Moving From AFDS to Avoid 'Golden SAML' Wasn't A Cure-AllA post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."