Skip to main content

Tag: active directory

11 articles

Brightly-lit server room with multiple computer workstations symbolizing identity security risks.

NSA, CISA Warn Federal Agencies of Identity Security Risks

The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

Analyst 207
Rows of computer equipment racks and monitors in a server room, with a blank laptop screen in the foreground.

AI-Generated Malware Targets Active Directory Environments

Criminals are now leveraging AI to create malicious software, as seen in a recent case where an attacker used an AI-assisted PowerShell script to infiltrate an Active Directory environment. This emerging threat, dubbed "vibe coding," allows attackers to generate software by simply prompting a large language model in plain language.

Analyst 207
A computer lab with generic equipment and cables shows signs of neglect, with a slightly ajar cabinet and exposed wiring.

UK School's Lax Network Security Exposes Sensitive Data

A 17-year-old student gained unrestricted access to a UK school's network, discovering sensitive leadership documents and being able to reset passwords, delete accounts, and even wipe the entire network. The alarming vulnerability was uncovered when the student connected their laptop to the school's Active Directory domain, which surprisingly required no administrator authentication.

Analyst 207
Dimly lit server room with outdated equipment and exposed cables.

Legacy Infrastructure Exposes AI Agents to Hijacking Risks

Legacy infrastructure can put your AI agents at risk of hijacking, as seen with CVE-2025-24813, a remote code execution flaw that lets attackers turn a routine server compromise into a full takeover. An unpatched Internet-facing Apache Tomcat server is all it takes to expose your enterprise to this threat.

Analyst 207
Person sitting at desk with laptop, surrounded by papers, thoughtfully typing or reading in quiet office setting.

Strengthening Active Directory Password Rules Without Frustrating Users

Want to boost your Active Directory password security without driving users crazy? Ditch outdated complexity rules and switch to passphrases - longer, multi-word passwords that are easier to remember and harder for hackers to crack.

Analyst 207
Server room setup with computers and networking equipment in a brightly-lit corporate IT environment.

Active Directory Breaches Persist After Password Resets

Resetting passwords isn't enough to keep hackers at bay, especially in Active Directory environments where cached credentials and sync delays can leave gaping security holes. Even after a password reset, attackers can still find ways to exploit outdated credentials and gain unauthorized access.

Analyst 207
Exchange servers Stunning: 9 in 10 on Outdated Software

Exchange servers Stunning: 9 in 10 on Outdated Software

With 9 in 10 Exchange servers still running out-of-support software, organizations face a stark choice—accept short-term disruption to upgrade now or leave a wide-open path for attackers to seize entire networks.

Analyst 207
Microsoft Entra ID Critical Patch – Must-Have Fix

Microsoft Entra ID Critical Patch – Must-Have Fix

Heads up: Microsoft has patched a critical Entra ID token-validation bug (CVE-2025-55241) that could let attackers impersonate Global Administrators across tenants. Apply the update, rotate credentials, and review audit logs now to reduce your risk.

Analyst 207
Active Directory: Risky Stunning Defaults Endanger Hospitals

Active Directory: Risky Stunning Defaults Endanger Hospitals

When attackers used Kerberoasting to cripple Ascension, Senator Wyden warned Microsoft’s defaults may be putting patients at risk — sparking an FTC probe and a wider debate over vendor responsibility versus hospital readiness. It’s a wake-up call: better identity hygiene and safer out‑of‑the‑box settings could be the difference between uninterrupted care and real harm.

Analyst 207
Kerberos zero-day: Critical Emergency Fix You Must Apply

Kerberos zero-day: Critical Emergency Fix You Must Apply

Microsoft’s August 2025 Patch Tuesday includes a publicly known Kerberos zero‑day—apply the update and prioritize domain controllers now to stop attackers from forging tickets or escalating privileges. Also tighten MFA and monitoring while patches roll out to reduce your exposure.

Analyst 207
Microsoft Exchange servers: Must-Have Patch for Risky Flaws

Microsoft Exchange servers: Must-Have Patch for Risky Flaws

Over 29,000 Microsoft Exchange servers are still unpatched, leaving hybrid Active Directory–Azure environments vulnerable to attackers who could seize domain control. If you manage Exchange, now’s the time to inventory, patch, and tighten configurations before adversaries walk through this wide-open door.

Analyst 207