UK school’s network left wide open for invasion, student found
And the admin password was right in the Active Directory description field
Active Directory manages identities, access, and authentication across Windows networks, making it a target for privilege abuse and lateral movement.
Search across headline titles and summaries.
Background for this topic.
Active Directory is a centralized system that manages user accounts, devices, and permissions within a network domain. It organizes resources hierarchically, enabling authentication and access control across an organization’s IT environment. This structure allows administrators to enforce policies and manage identities consistently.
From a security standpoint, Active Directory is a critical asset because attackers who gain control over it can access or manipulate many network resources. Key risks include credential theft through techniques like Kerberos ticket attacks, privilege escalation by exploiting misconfigured permissions, and persistence via compromised service accounts. Effective defense involves strict access controls, continuous monitoring for unusual account behavior, and regular audits of group memberships and delegated rights to limit exposure.
Weekly headline count for the current query.
And the admin password was right in the Active Directory description field
It was far too easy for a hacker to get the information
Attack enters day 11 and still no public disclosure of what insider claims to be 'deep breach' of Active Directory Exclusive Aviation insiders say Serbia's national airline, Air Serbia, was forced to delay issuing payslips to staff as a result of a cyberattack it is battling.…
Incident responders suggested sweeping improvements following Active Directory database heist Exclusive Cybercriminals broke into systems belonging to the UK's NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register can reveal.…
Get those patches applied – all the big dogs are abusing it Do you have your VMware ESXi hypervisor joined to Active Directory? Well, the latest news from Microsoft serves as a reminder that you might not want to do that given the recently patched vulnerability that has security experts deeply concerned.…
Government mighty displeased about a shared Active Directory that led to a big data leak Japan's government has ordered local tech giants LINE and NAVER to disentangle their tech stacks, after a data breach saw over 510,000 users' data exposed.…
Akamai says it reported the flaws to Microsoft. Redmond shrugged A series of attacks against Microsoft Active Directory domains could allow miscreants to spoof DNS records, compromise Active Directory and steal all the secrets it stores, according to Akamai security researchers.…
JAXA is having a tough time in cyberspace and outer space, the latter thanks to an electrical glitch Japan's Space Exploration Agency (JAXA) has reported a cyber incident.…
'BingBang' boo-boo affected other internal Microsoft apps, too A misconfiguration in Microsoft's Azure Active Directory (AAD) could have allowed miscreants to subvert Microsoft's Bing search engine – even changing search results. User information including Outlook emails, calendars and Teams messages was also vulnerable.…
Blinking, beeping, and flashing lights, blinking and beeping and flashing... Microsoft is bringing Azure Active Directory Identity Protection alerts to Microsoft 365 Defender to seemingly help IT folks thwart criminals infiltrating corporate networks via compromised users.…
Somewhat counterintuitively, this is being done to improve security Microsoft has created a window of time in which its partners can – without permission – create new roles for themselves in customers' Active Directory implementations.…