Ten Active Directory Misconfigurations that Lead to Total Domain Compromise

March 13, 2019

Introduction: Active Directory Security Risks Why is Microsoft Active Directory (AD) the business world’s most targeted asset? Because with just a few queries to AD from a compromised endpoint, attackers obtain all the information they need to steal domain admin credentials and move laterally to high-value assets. Put another way: Attackers gain control of an organization’s vital assets simply by compromising a single domain-connected endpoint. The AD database exposes all identities and resources on the corporate network to any domain-connected user; AD authorizes users (whether legitimate or nefarious) to use its built-in query capability to locate sensitive information.

Spotlight

The DigiTrust Group

The DigiTrust Group is a leading global provider of offensive cyber security consulting and defensive managed services with a focus on continuous incident response. We provide seamlessly integrated incident management, monitoring and response to strengthen our client organizations' defense against cyber security breaches. Our elite Security Operations Center teams actively hunt and eject threat actors targeting our client organizations using cutting-edge proprietary technology and processes. Our offensive teams specialize in advanced adversarial emulation using authentic adversary tactics and techniques to validate the strength of clients' security through the perspective of a real-world threat actor.

OTHER WHITEPAPERS
news image

CyberSecurity Under Stress

whitePaper | August 11, 2022

SecOps teams in the US and UK are being asked to do more with less, leading to higher stress levels that impact both their work and personal lives. The growing risk from cyber attacks is also compounded by significant recruitment and retention issues within cybersecurity.

Read More
news image

Citrix Cloud Services Data Protection Overview

whitePaper | September 29, 2022

Citrix understands that data protection is one of the top priorities for our customers when selecting a cloud service. Data protection is also a rapidly-evolving domain and requires enterprises to assess more information over time about the data handling practices of their vendors.

Read More
news image

ZTE Cybersecurity White Paper 2021

whitePaper | October 29, 2021

Telecommunications equipment and systems, as critical infrastructure for a nation, have been widely valued by governments, operators, and users worldwide. Currently, the deployment of 5G has begun. Featuring faster speed, greater network capacity, and ultra-low latency, 5G will redefine the operation of critical infrastructure from the factory floor to the cloud. Its new technologies including Software-Defined Networking (SDN), Network Function Virtualization (NFV), Multi-access Edge Computing (MEC), and network slicing are paving the way for smart cities, remote surgery, autonomous vehicles, and large-scale Internet of Things (IoT) connectivity.

Read More
news image

Cybersecurity for Industry

whitePaper | November 24, 2022

This white paper provides an overview of “Cybersecurity for Industry.” It describes the threats and hazards to which industrial automation systems and production plants are exposed and introduces concepts for minimizing these risks and instituting a level of protection that’s acceptable on economic as well as security grounds.

Read More
news image

Upchain Security Whitepaper

whitePaper | October 26, 2022

Upchain is a cloud-based product data management and product lifecycle management software that offers benefits of PDM/PLM through web browsers, APIs, CAD and Microsoft Office plugins, while securely processing customer data in the cloud.

Read More
news image

Cyber Security After the Pandemic

whitePaper | April 29, 2021

The cyber security industry has faced two major sets of challenges over the last twelve months. The attacks and exploits affecting Solar Winds, Accellion, Microsoft and their customers have focused attention on supply chain risk, but the impact of the coronavirus pandemic has been felt more broadly across cyber security domains and disciplines.

Read More

Spotlight

The DigiTrust Group

The DigiTrust Group is a leading global provider of offensive cyber security consulting and defensive managed services with a focus on continuous incident response. We provide seamlessly integrated incident management, monitoring and response to strengthen our client organizations' defense against cyber security breaches. Our elite Security Operations Center teams actively hunt and eject threat actors targeting our client organizations using cutting-edge proprietary technology and processes. Our offensive teams specialize in advanced adversarial emulation using authentic adversary tactics and techniques to validate the strength of clients' security through the perspective of a real-world threat actor.

Events