Active Directory
ADCS ESC13 Abuse Technique
It is possible to configure an Active Directory Certificate Services (ADCS) certificate template with an issuance policy having an OID group link to a given AD group. This configuration makes AD treat ...
4 Key Takeaways from the BlackBerry Global Threat Intelligence Report
The BlackBerry Global Threat Intelligence Report covers the ransomware landscape, specific attack patterns & summarizes actionable intelligence. The post 4 Key Takeaways from the BlackBerry Global Threat Intelligence Report appeared first on ...
ADCS Attack Paths in BloodHound — Part 1
ADCS Attack Paths in BloodHound — Part 1Since Will Schroeder and Lee Christensen published the Certified Pre-Owned whitepaper, the BloodHound Enterprise team at SpecterOps has been eager to implement Active Directory Certificate Services (ADCS) attack ...
Enzoic for AD Lite Data Shows Increase in Crucial Risk Factors
The 2023 data from Enzoic for Active Directory Lite (also known as Enzoic for AD Lite) data from 2023 offers a revealing glimpse into the current state of cybersecurity, highlighting a significant ...
The Cracks in Microsoft’s Entra ID
Microsoft's Entra ID, previously known as Azure Active Directory Password Protection might not be enough to protect your passwords. The post The Cracks in Microsoft’s Entra ID appeared first on Enzoic ...
Cypher Queries in BloodHound Enterprise
BloodHound Enterprise (BHE) recently saw the addition of a new, game-changing feature: open-ended Cypher searches. For those unfamiliar, Cypher is a declarative query language used for retrieving data from a graph database ...
Debunking MFA Myths: How to Stay Secure
When discussing authentication security, Multi-Factor Authentication (MFA) has been widely touted as a linchpin for securing digital assets. However, as recent trends and reports suggest, MFA, while significant, is not the panacea ...
How to Build a Phishing Playbook Part 1: Preparation
Automating response to phishing attacks remains one of the core use-cases of SOAR platforms. In 2022, the Anti-Phishing Working Group (APWG) logged ~4.7 million phishing attacks. Since 2019, the number of phishing ...
How to manage Active Directory Migration Tools: A Comprehensive Guide
In this article, we will discuss some of the best tips and advice on how you can manage migration tools. We will begin the article with an introduction on what these tools ...
Microsoft Patch Releases: Safeguarding Against Flaws
Microsoft published its monthly Patch Tuesday updates in October 2023, resolving a total of 103 vulnerabilities across its platforms. In the wild, two of these issues were actively exploited. In this blog, ...