Security news aggregator

Latest coverage for Active Directory

Active Directory manages identities, access, and authentication across Windows networks, making it a target for privilege abuse and lateral movement.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Active Directory is a centralized system that manages user accounts, devices, and permissions within a network domain. It organizes resources hierarchically, enabling authentication and access control across an organization’s IT environment. This structure allows administrators to enforce policies and manage identities consistently.

From a security standpoint, Active Directory is a critical asset because attackers who gain control over it can access or manipulate many network resources. Key risks include credential theft through techniques like Kerberos ticket attacks, privilege escalation by exploiting misconfigured permissions, and persistence via compromised service accounts. Effective defense involves strict access controls, continuous monitoring for unusual account behavior, and regular audits of group memberships and delegated rights to limit exposure.

Showing 1 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

'Silver SAML' Haunts Entra ID SIngle Sign On Security

Moving From AFDS to Avoid 'Golden SAML' Wasn't A Cure-AllA post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers from Semperis, who unveiled an attack they dub "Silver SAML."