Active Directory

CVE-2022-28219: Trivial PoC Exploit Could Lead to Unauthenticated RCE in ManageEngine ADAudit Plus

On Wednesday, June 29, 2022, Horizon3.ai published a proof-of-concept (PoC) exploit that targets CVE-2022-28219, a critical attack chain that includes unauthenticated XML External Entities (XXE), Java deserialization, and path traversal vulnerabilities that could lead to remote code execution (RCE) if successfully chained together. CVE-2022-28219 impacts Zoho’s ManageEngine ADAudit Plus builds prior to 7060. ManageEngine patched CVE-2022-28219 on March 30, 2022.

A practical approach to Active Directory Domain Services, Part 7: Cybersecurity and AD

In the first six parts of this blog series, we laid the foundation for beginning to work with and manage Active Directory (AD). With the groundwork out of the way, it is now time to explore the relationship between cybersecurity and AD. Taking this series one step further, this blog provides an overview of which design considerations are important in securing your AD infrastructure against potential security breaches.

How ADAudit Plus helps you assess your exposure to Follina (CVE-2022-30190)

The recently discovered Windows zero-day vulnerability continues to make news as threat actors across the globe are relentless in their efforts to exploit it. The vulnerability, dubbed Follina, can be exploited when the Microsoft Support Diagnostic Tool (MSDT) is called by a Microsoft Office application using the URL protocol.

How we make ADSelfService Plus more secure for you

Security experts around the world are talking about the importance of improving security measures to keep networks safe—and for good reason. We have plenty of examples of how relentless threat actors can be, and we’ve now seen that not even a pandemic can stop or slow down their attacks.

Netwrix Password Reset

Netwrix Password Reset is an Active Directory password reset tool that enables users to securely reset or change their own passwords and unlock their accounts from any web browser, desktop or mobile device — without calling the help desk. Are password-related tickets driving up your IT helpdesk costs? Do lockouts and password management headaches frustrate your users and disrupt vital business processes? A self-service password reset tool can solve these problems, but you might be worried that it could increase the risk of attackers slipping into your network.

Active Directory Security with Netwrix Solutions

Gain peace of mind by securing your Active Directory and Azure AD from end to end. Identify and mitigate security gaps before attackers exploit them. Detect, respond and recover fast from security incidents to minimize downtime and business impact. 95 million AD accounts are attacked every single day. The reason is simple: Active Directory is the gateway to your critical data, applications, and IT infrastructure. How can you protect your business?

PoC Exploit for Active Directory Certificate Services Vulnerability (CVE-2022-26923) Creates Path to Domain Admin

On Tuesday, May 10, 2022, security researcher Oliver Lyak published a PoC exploit for CVE-2022-26923, a privilege escalation vulnerability impacting Active Directory Domain Services with a CVSS score of 8.8 and high severity. The vulnerability allows a threat actor who has already compromised a user account to elevate privileges to Domain Admin, if Active Directory Certificate Services is running on the domain. Microsoft patched the vulnerability in May’s Patch Tuesday release.

Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022

The Splunk Threat Research Team recently developed a new analytic story, Active Directory Kerberos Attacks, to help security operations center (SOC) analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight analytics from the analytic story.

What are Active Directory FSMO roles and How do they Work

The FSMO (Flexible Single Master Operations) roles are vital when it comes to Active Directory. The FSMO roles help keep Active Directory consistent among all of the domain controllers in a forest by allowing only specific domain controllers to perform certain operations. Additionally, Active Directory FSMO Roles are essential for your Active Directory environment’s stability and security.