Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
certificate
Moving past the madness of manually updated X.509 certificates

Microsoft’s Active Directory (AD) is by far the most widely used enterprise repository for digital identities. Microsoft Active Directory Certificate Services (ADCS) is …

securing Active Directory
Securing Active Directory accounts against password-based attacks

Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts …

Active Directory
Most organizations have no Active Directory cyber disaster recovery plan

Although 97% of organizations said that Active Directory (AD) is mission-critical, more than half never actually tested their AD cyber disaster recovery process or do not have …

ManageEngine ADSelfService Plus
Critical ManageEngine ADSelfService Plus RCE flaw patched

A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands …

biohazard
New propagation module makes Trickbot more stealthy

Trickbot infections of Domain Controller (DC) servers has become more difficult to detect due to a new propagation module that makes the malware run from memory, Palo Alto …

key
Review: Specops Key Recovery

Mobile device use continues to grow, while an increasingly mobile and remote workforce depends heavily on laptops. To secure those devices, organizations need to implement …

Active Directory
Active Directory password reset best practices

Password change and password reset are terms that are often used interchangeably. However, they are not the same. A user will perform a password change when they remember …

Active Directory
Who is responsible for Active Directory security within your organization?

Over one third (36%) of IT professionals say their organizations are more vulnerable to security threats now than they were five years ago, according to a new Alsid research. …

Microsoft NTLM
Microsoft NTLM vulnerabilities could lead to full domain compromise

Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …

numbers
Most companies falsely believe their Active Directory is secure

A majority of companies falsely believe their Active Directory (AD) is secure, according to a new survey conducted jointly by Skyport Systems and Redmond Magazine. The …

fix
Dell open sources DCEPT, a honeypot tool for detecting network intrusions

Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source …

Real-time detection and automatic containment of Active Directory attacks

CyberArk announced at RSA Conference new real-time threat detection and containment capabilities to help organizations secure against cyber attacks targeting Microsoft Active …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools