Active Directory

Moving past the madness of manually updated X.509 certificates
Microsoft’s Active Directory (AD) is by far the most widely used enterprise repository for digital identities. Microsoft Active Directory Certificate Services (ADCS) is …

Securing Active Directory accounts against password-based attacks
Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts …

Most organizations have no Active Directory cyber disaster recovery plan
Although 97% of organizations said that Active Directory (AD) is mission-critical, more than half never actually tested their AD cyber disaster recovery process or do not have …

Critical ManageEngine ADSelfService Plus RCE flaw patched
A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands …

New propagation module makes Trickbot more stealthy
Trickbot infections of Domain Controller (DC) servers has become more difficult to detect due to a new propagation module that makes the malware run from memory, Palo Alto …

Review: Specops Key Recovery
Mobile device use continues to grow, while an increasingly mobile and remote workforce depends heavily on laptops. To secure those devices, organizations need to implement …

Active Directory password reset best practices
Password change and password reset are terms that are often used interchangeably. However, they are not the same. A user will perform a password change when they remember …

Who is responsible for Active Directory security within your organization?
Over one third (36%) of IT professionals say their organizations are more vulnerable to security threats now than they were five years ago, according to a new Alsid research. …

Microsoft NTLM vulnerabilities could lead to full domain compromise
Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …

Most companies falsely believe their Active Directory is secure
A majority of companies falsely believe their Active Directory (AD) is secure, according to a new survey conducted jointly by Skyport Systems and Redmond Magazine. The …

Dell open sources DCEPT, a honeypot tool for detecting network intrusions
Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source …

Real-time detection and automatic containment of Active Directory attacks
CyberArk announced at RSA Conference new real-time threat detection and containment capabilities to help organizations secure against cyber attacks targeting Microsoft Active …
Featured news
Resources
Don't miss
- Product showcase: iStorage diskAshur PRO3
- As AI tools take hold in cybersecurity, entry-level jobs could shrink
- Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
- How to land your first job in cybersecurity
- World Health Organization CISO on securing global health emergencies