Active Directory Blogs - Page 2 of 4 - Attivo Networks

PetitPotam Attack – Have You Hardened Your Active Directory?

Reading Time: 2 minutes
Written by: Venu Vissamsetty - VP Security Research, Attivo Networks - Security researcher Gilles Lionel recently disclosed an attack technique named PetitPotam, allowing attackers to achieve domain compromise with just network access to the Enterprise infrastructure. The technique is a classic NTLM relay attack on ...

Credentials Harvesting from Domain Shares

Reading Time: 3 minutes
Written by: Vikram Navali, Senior Technical Product Manager - Credentials Harvesting is an attack technique adversaries employ after establishing a foothold inside an organization. The technique is to harvest or amass numerous credentials (username/password combinations) for reuse. It helps adversaries move internally to higher-value assets ...

Credential Dumping by Exploiting Security Support Provider

Reading Time: 2 minutes
Written by: Vikram Navali - Senior Technical Product Manager - Windows operating systems have authentication mechanisms to automatically execute libraries or programs when the computer system boots up or during the user account login. The organization can configure this function by placing these programs at designated ...

Protecting Your Active Directory from AdminSDHolder Attacks

Reading Time: 2 minutes
Written by: Vikram Navali, Senior Technical Product Manager - Cybercriminals often look at different methods to gain an organization’s sensitive data. One common way is to abuse the AdminSDHolder object in Active Directory. This blog discusses how attackers can add accounts with sufficient access to ...

Detecting Unconstrained Delegation Exposures in AD Environment

Reading Time: 2 minutes
Written by: Vikram Navali, Senior Technical Product Manager - Active Directory misconfigurations can lead to total domain compromise of an organization. Once an attacker gets a foothold on a compromised network, it can discover AD misconfigurations and gain higher-level privileges to access the domain. A ...

Attivo Networks Solutions Address the RH-ISAC 2021 Focus Areas

Reading Time: 5 minutes
Authored by: Carolyn Crandall, Chief Security Advocate, Attivo Networks - There is an old English curse: “May you live in interesting times.” To call 2020 an “interesting” year is probably a severe understatement, but—thankfully—2021 shows signs of returning to “normal”. The COVID-19 vaccine rollout is ...

Recent Attacks Command New Innovation for Stronger Active Directory Security

Reading Time: 4 minutes
Authored by: Carolyn Crandall, Chief Security Advocate and CMO, Attivo Networks - The new year is in just its third month, but large-scale cyberattacks have already made headlines worldwide. Research continues to reveal new fallout from the SolarWinds attack, and the world is bracing for ...

Hafnium Microsoft Hack – Active Exploitation of Microsoft Exchange and Lateral Movement

Reading Time: 2 minutes
Written by the Attivo Research Team - Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan - Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known ...

Sunburst and Breaking the Kill-Chain

Reading Time: 4 minutes
Written by: Tony Cole, CTO - Sometime in early 2020, the SolarWinds Orion software build process had malicious code injected into it. Enterprises around the globe widely deploy this network management and monitoring software. Unsuspecting companies did their regular patch and update cadence when SolarWinds ...

Thoughts on the Senate Hearing and Risky Backdoors

Reading Time: 5 minutes
Written by: Tushar Kothari, CEO - What Happened: SolarWinds develops and sells IT monitoring and management solutions that are deployed widely across the globe. Sometime in 2020, attackers compromised their build process and embedded malicious code into an update of their Orion software, impacting a subset ...
