Security News

SpyCloud adds a password filter feature to Active Directory Guardian
2021-02-15 02:00

SpyCloud announced it has added a new password filter feature to SpyCloud Active Directory Guardian. SpyCloud Active Directory Guardian now automatically prevents employees from setting risky passwords using a password filter.

Enzoic for Active Directory updates help orgs prevent use of compromised credentials
2021-02-12 02:30

The product is the only Active Directory plugin to check credentials at installation and password creation, and continuously monitor for and detect compromised credentials. The automated tool screens passwords against the dynamic Enzoic database containing billions of exposed credentials.

How to Audit Password Changes in Active Directory
2021-02-04 03:28

Secondly, a given password might be somewhat easy to guess, despite existing password requirements. Password changes only occur via the user or Active Directory administrator.

In the Hacker's Crosshairs: Active Directory
2021-01-27 15:22

Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access. 90 percent of organizations use Active Directory as their primary store for employee authentication, identity management, and access control in their on-premises environments.

Using the Manager Attribute in Active Directory (AD) for Password Resets
2021-01-27 02:25

How can organizations bolster the security of password resets for remote workers? One security workflow might involve having manager approval before IT helpdesk technicians can change a remote worker's password. How can password resets by department managers quickly be configured using built-in features in Active Directory?

Week in review: Active Directory security, Dnsmasq vulnerabilities, how to select a fraud detection solution
2021-01-24 09:00

Dnsmasq vulnerabilities open networking devices, Linux distros to DNS cache poisoningSeven vulnerabilities affecting Dnsmasq, a caching DNS and DHCP server used in a variety of networking devices and Linux distributions, could be leveraged to mount DNS cache poisoning attack and/or to compromise vulnerable devices. Vulnerability management isn't working for cloud security: Here's how to do it rightThree things in life are seemingly guaranteed: death, taxes and high-profile cloud security breaches.

Rethinking Active Directory security
2021-01-19 06:00

In the wake of a cyberattack, Active Directory is sometimes dismissed as just another service that needs to be recovered, and security is an afterthought. Since Active Directory is used as a source from which to sync to other identity stores, any tampering with Active Directory can cause a devastating ripple effect across your identity infrastructure.

Quick Guide — How to Troubleshoot Active Directory Account Lockouts
2020-11-30 04:52

Active Directory account lockouts can be hugely problematic for organizations. The Windows operating system is somewhat limited in its ability to troubleshoot account lockouts, but there are some things that you can do.

How to Prevent Pwned and Reused Passwords in Your Active Directory
2020-11-02 06:35

In a password spraying attack, cybercriminals will often use databases of breached passwords, a.k.a pwned passwords, to effectively try these passwords against user accounts in your environment. Often passwords exposed in other breaches will be passwords that other users are using in totally different environments.

Jumio’s AI-powered identity verification solutions now available for Microsoft Azure Active Directory B2C
2020-09-24 00:00

Jumio announced that its AI-powered identity verification solutions are now available to Microsoft Azure Active Directory External Identities for B2C customers. Azure Active Directory B2C is a customer identity access management solution.