Security News

Five best practices for securing Active Directory service accounts
2025-02-26 15:01

Windows Active Directory (AD) service accounts are prime cyber-attack targets due to their elevated privileges and automated/continuous access to important systems. Learn from Specops Software...

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
2025-02-18 07:04

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via...

How hackers target your Active Directory with breached VPN passwords
2025-02-04 15:01

As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your...

BloodyAD: Open-source Active Directory privilege escalation framework
2025-01-28 05:00

BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques...

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
2025-01-16 11:20

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. "A simple...

Product showcase: Securing Active Directory passwords with Specops Password Policy
2024-12-04 13:00

Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of...

A Comprehensive Guide to Finding Service Accounts in Active Directory
2024-10-22 11:00

Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due...

Active Directory compromise: Cybersecurity agencies provide guidance
2024-09-26 14:20

Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost...

Why ransomware attackers target Active Directory
2024-08-29 04:00

Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology...

Are you blocking "keyboard walk" passwords in your Active Directory?
2024-08-16 14:01

A keyboard walk password typically refers to a password created by moving sequentially over the keyboard keys in a pattern that resembles walking. Some examples of keyboard walk passwords that might look secure at first glance include; 'qwertyuiop', 'Zxcvbnm', and 'iuytrewQ' - but these are predictable and commonly found in compromised password data.