Security News

Microsoft warns: Active Directory FoggyWeb malware being actively used by Nobelium gang
2021-09-28 10:44

Microsoft has warned of a new tool designed to exfiltrate credentials and introduce a backdoor into Active Directory servers that is under active use by the Nobelium threat actor group. The FoggyWeb malware, Microsoft has declared, is designed to target Microsoft Active Directory Federation Services servers, exfiltrating credentials, configuration databases, decrypted token-signing and token-decryption certificates, and to download additional components to set up a permanent backdoor and attack the network more widely.

Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers
2021-09-27 23:15

Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services servers. "Once Nobelium obtains credentials and successfully compromises a server, the actor relies on that access to maintain persistence and deepen its infiltration using sophisticated malware and tools," MSTIC researchers said.

Connect Ubuntu Linux Desktop 21.04 to an Active Directory domain: Here's how
2021-08-03 12:00

Jack Wallen walks you through the steps to join Ubuntu Desktop to Active Directory domains.

Podcast: Why Securing Active Directory Is a Nightmare
2021-07-28 11:01

My guests today are Lee Christiansen and Will Schroeder, the SpecterOps researchers behind a recent report entitled Certified Pre-owned: Abusing Active Directory Certificate Servers, about attack paths in Microsoft Active Directory. Will Schroeder: And the last thing I'll add on to that last kind of point is just the complexity of Active Directory along with, you know, how easy it can occasionally be to where one of the things we've seen and a term we've tried to help kind of push is misconfiguration debt, where we see Active Directory has been in an environment for a long period of time.

eBook: Active Directory Security Tips From the Experts
2021-07-07 02:30

Active Directory is central for many companies and used to authorize access at almost every level. Due to its popularity and importance, AD is a perfect target for 'bad actors.

Microsoft 365 to let SecOps lock hacked Active Directory accounts
2021-07-06 16:53

Microsoft is updating Microsoft Defender for Identity to allow security operations teams to block attacks by locking a compromised user's Active Directory account. Microsoft Defender for Identity is a cloud security service that leverages on-premises Active Directory signals to detect and analyze advanced threats, compromised identities, and malicious insider activity targeting enrolled organizations.

How to improve your organization’s Active Directory security posture
2021-07-06 05:00

Active Directory, a directory service developed by Microsoft for Windows domain networks, is most organizations' primary store for employee authentication and identity management, and controls which assets / applications / systems a user has access to. This makes Active Directory a valuable target for attackers and spur organizations to improve its security.

How to easily join an AlmaLinux server to an Active Directory Domain with Cockpit
2021-06-24 18:40

Jack Wallen shows you just how easy it is to join an existing AlmaLinux server to an Active Directory domain via a web-based GUI. If you've begun deploying AlmaLinux into your data center or your cloud-hosted services, you might have a reason to join those servers to your existing Active Directory domain. To make this work, you'll need an instance of AlmaLinux, a running Active Directory Domain Controller, and a user with sudo privileges.

How to convince your boss that cybersecurity includes Active Directory
2021-06-24 06:00

Because so many organizations rely on a hybrid cloud identity model that holds a central role for on-premises Active Directory, it's a natural conclusion to consider Active Directory be a part of cybersecurity plans. How do you go about convincing your boss about the need to protect Active Directory in the same way you do other parts of the environment? For starters, don't start talking technical.

How to connect Ubuntu Linux Desktop 21.04 to an Active Directory domain
2021-05-13 18:55

Canonical has made it easy for admins to join Ubuntu Desktop to Active Directory domains. One particular feature that network and security admins will greatly appreciate is the ability to easily connect Ubuntu Desktop to an Active Directory domain.