Tag: active directory
11 articles

NSA, CISA Warn Federal Agencies of Identity Security Risks
The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

AI-Generated Malware Targets Active Directory Environments
Criminals are now leveraging AI to create malicious software, as seen in a recent case where an attacker used an AI-assisted PowerShell script to infiltrate an Active Directory environment. This emerging threat, dubbed "vibe coding," allows attackers to generate software by simply prompting a large language model in plain language.

UK School's Lax Network Security Exposes Sensitive Data
A 17-year-old student gained unrestricted access to a UK school's network, discovering sensitive leadership documents and being able to reset passwords, delete accounts, and even wipe the entire network. The alarming vulnerability was uncovered when the student connected their laptop to the school's Active Directory domain, which surprisingly required no administrator authentication.

Legacy Infrastructure Exposes AI Agents to Hijacking Risks
Legacy infrastructure can put your AI agents at risk of hijacking, as seen with CVE-2025-24813, a remote code execution flaw that lets attackers turn a routine server compromise into a full takeover. An unpatched Internet-facing Apache Tomcat server is all it takes to expose your enterprise to this threat.

Strengthening Active Directory Password Rules Without Frustrating Users
Want to boost your Active Directory password security without driving users crazy? Ditch outdated complexity rules and switch to passphrases - longer, multi-word passwords that are easier to remember and harder for hackers to crack.

Active Directory Breaches Persist After Password Resets
Resetting passwords isn't enough to keep hackers at bay, especially in Active Directory environments where cached credentials and sync delays can leave gaping security holes. Even after a password reset, attackers can still find ways to exploit outdated credentials and gain unauthorized access.

Exchange servers Stunning: 9 in 10 on Outdated Software
With 9 in 10 Exchange servers still running out-of-support software, organizations face a stark choice—accept short-term disruption to upgrade now or leave a wide-open path for attackers to seize entire networks.

Microsoft Entra ID Critical Patch – Must-Have Fix
Heads up: Microsoft has patched a critical Entra ID token-validation bug (CVE-2025-55241) that could let attackers impersonate Global Administrators across tenants. Apply the update, rotate credentials, and review audit logs now to reduce your risk.

Active Directory: Risky Stunning Defaults Endanger Hospitals
When attackers used Kerberoasting to cripple Ascension, Senator Wyden warned Microsoft’s defaults may be putting patients at risk — sparking an FTC probe and a wider debate over vendor responsibility versus hospital readiness. It’s a wake-up call: better identity hygiene and safer out‑of‑the‑box settings could be the difference between uninterrupted care and real harm.

Kerberos zero-day: Critical Emergency Fix You Must Apply
Microsoft’s August 2025 Patch Tuesday includes a publicly known Kerberos zero‑day—apply the update and prioritize domain controllers now to stop attackers from forging tickets or escalating privileges. Also tighten MFA and monitoring while patches roll out to reduce your exposure.

Microsoft Exchange servers: Must-Have Patch for Risky Flaws
Over 29,000 Microsoft Exchange servers are still unpatched, leaving hybrid Active Directory–Azure environments vulnerable to attackers who could seize domain control. If you manage Exchange, now’s the time to inventory, patch, and tighten configurations before adversaries walk through this wide-open door.