Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Active Directory

A practical approach to Active Directory Domain Services, Part 7: Cybersecurity and AD

In the first six parts of this blog series, we laid the foundation for beginning to work with and manage Active Directory (AD). With the groundwork out of the way, it is now time to explore the relationship between cybersecurity and AD. Taking this series one step further, this blog provides an overview of which design considerations are important in securing your AD infrastructure against potential security breaches.

How ADAudit Plus helps you assess your exposure to Follina (CVE-2022-30190)

The recently discovered Windows zero-day vulnerability continues to make news as threat actors across the globe are relentless in their efforts to exploit it. The vulnerability, dubbed Follina, can be exploited when the Microsoft Support Diagnostic Tool (MSDT) is called by a Microsoft Office application using the URL protocol.

How we make ADSelfService Plus more secure for you

Security experts around the world are talking about the importance of improving security measures to keep networks safe—and for good reason. We have plenty of examples of how relentless threat actors can be, and we’ve now seen that not even a pandemic can stop or slow down their attacks.

Netwrix Password Reset

Netwrix Password Reset is an Active Directory password reset tool that enables users to securely reset or change their own passwords and unlock their accounts from any web browser, desktop or mobile device — without calling the help desk. Are password-related tickets driving up your IT helpdesk costs? Do lockouts and password management headaches frustrate your users and disrupt vital business processes? A self-service password reset tool can solve these problems, but you might be worried that it could increase the risk of attackers slipping into your network.

Active Directory Security with Netwrix Solutions

Gain peace of mind by securing your Active Directory and Azure AD from end to end. Identify and mitigate security gaps before attackers exploit them. Detect, respond and recover fast from security incidents to minimize downtime and business impact. 95 million AD accounts are attacked every single day. The reason is simple: Active Directory is the gateway to your critical data, applications, and IT infrastructure. How can you protect your business?

PoC Exploit for Active Directory Certificate Services Vulnerability (CVE-2022-26923) Creates Path to Domain Admin

On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE- 2022-26923, a privilege escalation vulnerability impacting Active Directory Domain Services with a CVSS score of 8.8 and high severity. The vulnerability allows a threat actor who has already compromised a user account to elevate privileges to Domain Admin, if Active Directory Certificates Services is running on the domain. Microsoft patched the vulnerability in May’s Patch Tuesday release.

Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022

The Splunk Threat Research Team recently developed a new analytic story, Active Directory Kerberos Attacks, to help security operations center (SOC) analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight analytics from the analytic story.

What are Active Directory FSMO roles and How do they Work

The FSMO (Flexible Single Master Operations) roles are vital when it comes to Active Directory. The FSMO roles help keep Active Directory consistent among all of the domain controllers in a forest by allowing only specific domain controllers to perform certain operations. Additionally, Active Directory FSMO Roles are essential for your Active Directory environment’s stability and security.

Introduction to Active Directory Security

Active Directory (AD) is legacy technology that was not designed for modern attacks – yet it is still relied on by over 90% of the Fortune 1000 companies. This video highlights how modern attacks like ransomware exploit this “weakest link in your cyber defense”, and why this is a problem you cannot afford to ignore.