Orphaned admin accounts are a hidden AD risk! Instantly find & fix them with the Cleanup-AdminCount PowerShell script-restore security, enable ACL inheritance, and automate compliance. See how it works #ActiveDirectory #PowerShell #CyberSecurity
Orphaned admin accounts are a hidden AD risk! Instantly find & fix them with the Cleanup-AdminCount PowerShell script-restore security, enable ACL inheritance, and automate compliance. See how it works #ActiveDirectory #PowerShell #CyberSecurity
Since its inception in 2013 Microsoft's Active Directory Administrative Center has has a bug whereby if you have selected/highlighted one item (for example the first item at the to top a search result is highlighted automatically), and then you double-click another item on the list, the it will instead open the highlighted item, not the item you just clicked.
This makes it very easy to accidentally modify the wrong AD object if you don't double-check the details of the new window that's opened.
The discovery of this bug 10 years ago marked my decline and subsequent depletion of any remaining faith I had that Microsoft is in any way competent or beneficial, to anyone.
#microsoft #activedirectory
Be quick and become the 2nd follower of #EU_OS on #LinkedIn!
https://linkedin.com/company/eu-os/
I got told everyone on Mastodon uses already #Linux and the project to migrate from #Windows to Linux on the desktop would find a more relevant audience on LinkedIn.
Help EU OS to get what #Microsoft needs to make it go viral on LinkedIn: subscribe, comment, share widely!
A couple of days ago, I unearthed my first #computer, an #MSX straight from the ‘80s. It was lost in some box in the basement for who knows how long. Just feeling its power switch gave me the goosebumps…
This discovery came after sharing my hacker’s origin story with Nic Fillingham and Wendy Zenone in a new episode of Microsoft’s #BlueHat #Podcast.
https://thecyberwire.com/podcasts/the-bluehat-podcast/52/notes
Join us while we chat about my first-ever #CVE, overlooked #vulnerabilities that continue to pose significant risks today, #ActiveDirectory and #password security, my unexpected journey into #bugbounty hunting and my involvement in the #ZeroDayQuest, how to learn new things, mentorship and positive leadership, and of course pineapple pizza
A nice post that provides an overview about kerberos relaying
https://decoder.cloud/2025/04/24/from-ntlm-relay-to-kerberos-relay-everything-you-need-to-know
iX-Workshop: Active Directory Hardening - Vom Audit zur sicheren Umgebung
Lernen in einer Übungsumgebung: Sicherheitsrisiken in der Windows-Active-Directory-Infrastruktur erkennen und beheben, um die IT vor Cyberangriffen zu schützen.
New Open-Source Tool Spotlight
GOAD (Game of Active Directory) by Orange-Cyberdefense is a lab for pentesting Active Directory environments. With multiple configurations like GOAD-Mini and SCCM labs, it helps security professionals practice AD attack techniques. Caution: Designed for isolated lab use only. #ActiveDirectory #Cybersecurity
Project link on #GitHub
https://github.com/Orange-Cyberdefense/GOAD
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
A Hands-On Guide to Active Directory Enumeration and Modification with ldap3
Learn to interact with Active Directory using Python’s ldap3 library for enumeration and modification tasks.
Snap apps not opening (users from AD domain) #snap #activedirectory
Active Directory : comment mettre en place la délégation de la gestion des GPO ? https://www.it-connect.fr/active-directory-comment-mettre-en-place-la-delegation-de-la-gestion-des-gpo/ #Stratégiedegroupe #ActiveDirectory #GPO
I started a list of tools, useful for pentesters and sysadmins alike, to gain a quick overview of potentially critical vulnerabilities and attack paths within an Active Directory domain.
Exploiting these vulnerabilities might provide pentesters with domain admin privileges rather quickly.
On the other hand, fixing these vulnerabilities is often not that difficult or time-intensive and can massively bolster the security of a domain.
Как некомпетентная безопасница чуть не сорвала борьбу с инсайдерской угрозой
С яркой улыбкой и глубоким декольте она воодушевленно рассказывала коллеге в ИТ-отделе про киберугрозы. Харизма и энергия привлекали внимание, особенно мужчин, но скрывали слабые навыки. Год назад, работая в техподдержке за 40,000 рублей, она увидела вакансии ИБ-специалистов с зарплатами 100,000–200,000. Курсы по кибербезопасности казались пропуском в новую жизнь. Рекрутеры отказывали, пока она не попала на интервью к начальнику ИТ-отдела, не разбиравшемуся в безопасности. Энтузиазм и заученные термины сработали — так она стала безопасником в компании, поставляющей стройматериалы. Малый бизнес с 60 сотрудниками тратил деньги на зарплаты и ремонт офиса, а на безопасность оставался только бесплатный антивирус.
Defending Against Credential-Based Cyberattacks: A Comprehensive Response Guide
Credential-based attacks have become the weapon of choice for cybercriminals, leveraging valid credentials to infiltrate systems undetected. Understanding the mechanics behind these attacks and implem...
Active Directory : le pare-feu est en profil « Public » au démarrage des contrôleurs de domaine, que faire ? https://www.it-connect.fr/active-directory-le-pare-feu-est-en-profil-public-au-demarrage-des-controleurs-de-domaine-que-faire/ #ActiveDirectory #WindowsServer #Astuce
I'd tell the guys at #Microsoft who designed Kerberos delegation in #ActiveDirectory to go to hell, but they're apparently already in it and very much intent on dragging in everyone with them...
New Open-Source Tool Spotlight
Active Directory Certificate Services (AD CS) can be a goldmine if misconfigured. Tools like Certipy simplify enumeration and abuse, leveraging techniques like Shadow Credentials, Golden Certificates, and domain escalation paths (ESC1-ESC11). #CyberSecurity #RedTeam
Certipy's `shadow` command exemplifies ADCS weaknesses. By manipulating `msDS-KeyCredentialLink`, you can take over accounts via PKINIT. It's seamless but devastating for privilege escalation. #Pentesting #ActiveDirectory
Golden Certificates mimic Golden Tickets but target ADCS. Using a compromised CA private key, an attacker can forge certs for domain controllers or users. Certipy automates this process—caution with CA backups. #InfoSec #PKI
Project link on #GitHub
https://github.com/ly4k/Certipy
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
A still-common AD pitfull: using .local for your AD domain name
Patch Tuesday d’avril 2025 : votre Active Directory est-il prêt pour la validation du PAC ? https://www.it-connect.fr/patch-tuesday-davril-2025-votre-active-directory-est-il-pret-pour-la-validation-du-pac/ #ActiveDirectory #Cybersécurité #Kerberos #Windows
Microsoft's Emergency Windows Updates: A Critical Fix for Active Directory Policies
In a swift response to a significant Active Directory issue, Microsoft has rolled out emergency updates to rectify inconsistencies in local audit logon policies, impacting enterprise security protocol...
Connectivity Crisis: Windows Server 2025 Domain Controllers Face Restart Issues
Microsoft's latest update reveals a critical flaw in Windows Server 2025 that disrupts connectivity for domain controllers after a restart, impacting applications and services. IT admins are urged to ...