Advisory: Flaw in Azure AD Connect Software Can Allow Stealthy Admins to Gain Full Domain Control

Advisory: Flaw in Azure AD Connect Software Can Allow Stealthy Admins to Gain Full Domain Control

Authors: Roman Blachman, Yaron Zinar. We recently reviewed a customer’s network and found that 85%(!) of all users in the network had some unnecessary administrative privilege. The excessive privilege stemmed from an indirect inclusion in a protected admin group. Most Active Directory audit systems easily alert on excessive privileges, but ... Read More