AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
Active Directory manages identities, access, and authentication across Windows networks, making it a target for privilege abuse and lateral movement.
Search across headline titles and summaries.
Background for this topic.
Active Directory is a centralized system that manages user accounts, devices, and permissions within a network domain. It organizes resources hierarchically, enabling authentication and access control across an organization’s IT environment. This structure allows administrators to enforce policies and manage identities consistently.
From a security standpoint, Active Directory is a critical asset because attackers who gain control over it can access or manipulate many network resources. Key risks include credential theft through techniques like Kerberos ticket attacks, privilege escalation by exploiting misconfigured permissions, and persistence via compromised service accounts. Effective defense involves strict access controls, continuous monitoring for unusual account behavior, and regular audits of group memberships and delegated rights to limit exposure.
Weekly headline count for the current query.
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]
Strong Active Directory passwords don't have to come at the expense of usability. Specops Software explains how passphrases, breached password protection, and self-service resets can improve security without frustrating users. [...]
Resetting a password doesn't always remove attackers from Active Directory. Specops Software explains how cached credentials and Kerberos tickets can keep attackers authenticated after a reset. [...]
Hybrid work has driven a surge in Active Directory password resets, turning minor lockouts into major productivity drains. Specops shows why remote access, cached credentials, and security policies are fueling the spike. [...]
Generative AI is accelerating password attacks against Active Directory, making credential abuse faster and more effective. Specops Software explains how AI-driven cracking techniques exploit weak and predictable AD passwords. [...]
Microsoft is rolling out a fix for Active Directory issues affecting some Windows Server 2025 systems after installing security updates released since September. [...]
Microsoft has confirmed that the September 2025 security updates are causing Active Directory issues on Windows Server 2025 systems. [...]
Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins. [...]
Kerberoasting gives attackers offline paths to crack service account password, without triggering alerts. Learn from Specops Software how to protect your Active Directory with stronger SPN password policies and reduced attack surfaces. [...]
FBI's Criminal Justice Information Services (CJIS) compliance isn't optional when handling law enforcement data. From MFA to password hygiene, see how Specops Software helps meet FBI standards while also securing your Windows Active Directory. [...]
Think your passwords are strong enough? AS-REP Roasting is back in the spotlight — and it's targeting weak spots in Active Directory. Learn more from Specops Software how attackers exploit missing Kerberos pre-auth and how to stop them with strong password policies. [...]
Hackers don't break in—they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike. [...]
Microsoft has released emergency Windows updates to address a known issue affecting local audit logon policies in Active Directory Group Policy. [...]
Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important systems. Learn from Specops Software about five best practices to help secure your Active Directory service accounts. [...]
A help desk phishing campaign targets an organization's Microsoft Active Directory Federation Services (ADFS) using spoofed login pages to steal credentials and bypass multi-factor authentication (MFA) protections. [...]
As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...]
Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]
Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]
A common yet overlooked type of weak password are keyboard walk patterns. Learn more from Specops Software on finding and blocking keyboard walk passwords in your organization. [...]
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking the password hygiene of your Active Directory. [...]