Active Directory
Securing Active Directory accounts against password-based attacks
Traditional password-based security might be headed for extinction, but that moment is still far off. In the meantime, most of us need something to prevent our worst instincts …
Most organizations have no Active Directory cyber disaster recovery plan
Although 97% of organizations said that Active Directory (AD) is mission-critical, more than half never actually tested their AD cyber disaster recovery process or do not have …
Critical ManageEngine ADSelfService Plus RCE flaw patched
A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands …
New propagation module makes Trickbot more stealthy
Trickbot infections of Domain Controller (DC) servers has become more difficult to detect due to a new propagation module that makes the malware run from memory, Palo Alto …
Review: Specops Key Recovery
Mobile device use continues to grow, while an increasingly mobile and remote workforce depends heavily on laptops. To secure those devices, organizations need to implement …
Active Directory password reset best practices
Password change and password reset are terms that are often used interchangeably. However, they are not the same. A user will perform a password change when they remember …
Who is responsible for Active Directory security within your organization?
Over one third (36%) of IT professionals say their organizations are more vulnerable to security threats now than they were five years ago, according to a new Alsid research. …
Microsoft NTLM vulnerabilities could lead to full domain compromise
Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …
Most companies falsely believe their Active Directory is secure
A majority of companies falsely believe their Active Directory (AD) is secure, according to a new survey conducted jointly by Skyport Systems and Redmond Magazine. The …
Dell open sources DCEPT, a honeypot tool for detecting network intrusions
Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source …
Real-time detection and automatic containment of Active Directory attacks
CyberArk announced at RSA Conference new real-time threat detection and containment capabilities to help organizations secure against cyber attacks targeting Microsoft Active …
Active Directory flaw impacts 95% of Fortune 1000 companies
Aorato identified a new threatening flaw within Active Directory that enables attackers to change a victim’s password, despite current security and identity theft …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)