Unpatched Windows Server Flaw Threatens Active Directory Users
Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present by default.
Active Directory manages identities, access, and authentication across Windows networks, making it a target for privilege abuse and lateral movement.
Search across headline titles and summaries.
Background for this topic.
Active Directory is a centralized system that manages user accounts, devices, and permissions within a network domain. It organizes resources hierarchically, enabling authentication and access control across an organization’s IT environment. This structure allows administrators to enforce policies and manage identities consistently.
From a security standpoint, Active Directory is a critical asset because attackers who gain control over it can access or manipulate many network resources. Key risks include credential theft through techniques like Kerberos ticket attacks, privilege escalation by exploiting misconfigured permissions, and persistence via compromised service accounts. Effective defense involves strict access controls, continuous monitoring for unusual account behavior, and regular audits of group memberships and delegated rights to limit exposure.
Weekly headline count for the current query.
Attackers can exploit a vulnerability present in the delegated Managed Service Account (dMSA) feature that fumbles permission handling and is present by default.
Active Directory is one of the most vulnerable access points in an organization's IT environment. Companies cannot wait for a real attack to pressure-test their AD recovery strategy.
Clandestine kill switch was designed to lock out other users if the developer's account in the company's Windows Active Directory was ever disabled.
Evolving threats and hybrid identity challenges keep Microsoft's Active Directory at risk.
A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services.
Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.
The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.
With sufficient privileges in Active Directory, attackers only have to create an "ESX Admins" group in the targeted domain and add a user to it.
A Japanese ministry blames a shared Active Directory between merged tech companies Line and South Korea's Naver for a massive data breach last November.
The agency, known as JAXA, has shut down parts of its network as it conducts an investigation to discover the scope and impact of the breach.
Fixes for more than 100 vulnerabilities affect numerous products including Windows, Office, .Net, and Azure Active Directory, among others.
AD bridging extends the reach of your AD domain to non-Windows systems, providing centralized security, single sign-on, and compliance.
There are plenty of AD objects and groups that should be considered tier zero in every environment, but some will vary among organizations.
Azure admins are urged to disable shared key access and implement Azure Active Directory authentication.
One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.
Standalone product provides permission insights for Active Directory security and compliance.
Microsoft added certificate-based authentication (CBA) to the Azure Active Directory to help organizations enable phishing-resistant MFA that complies with US federal requirements. The change paves the way for enterprises to migrate their Active Directory implementations to the cloud.
IT asset tracker and auditor software has a critical issue with insecure object deserialization that could allow threat actors to execute code, researchers say.
Company to debut its AD capabilities at the 2022 RSA Conference.
Attivo Networks ADSecure-DC solution joins the company’s existing suite of Active Directory protection products.