Collaborate Disseminate
Is it possible, with NT Authority/SYSTEM access, to reuse mscash2 credentials in any way on a local system or AD network? Perhaps with runas /savecred or mimikatz or something similar? I know that the mscash2 cannot be passed in a traditio… Continue reading Abusing Saved mscash2 Credentials in Active Directory
I am trying to figure out the source of Non-Interactive logon failure on my AD. I’m getting a huge number of login failure events on an AD auditing tool but I’m not sure how to figure out the source of these events. Can someone please assi… Continue reading Source of Non-Interactive login in active directory [closed]
Cybersecurity asset management does not come with the excitement following the metaverse, blockchain, or smokescreen detection technologies, but it is essential for the protection of corporate infrastructure. It is no secret that just one vulnerable, u… Continue reading The security gaps that can be exposed by cybersecurity asset management
I just want to confirm behavior of Kerberos and how the tickets work, as I only have a basic understanding. From what it sounds like, the user’s password hash is only used to gain the initial TGT. After that, if the TGT is valid, they are … Continue reading Kerberos TGT behavior after password change
Okta, an enterprise identity and access management company, has published… Continue reading Okta Claims Only 2.5% Customers Were Impacted by Lapsus$ Group Hack
I’ve enabled DS audits in domain controller group policy:
Then I perform dcsync attack with a normal user account, and check the logs in ELK:
Two logs were created and the DS-Replication-Get-Changes-All log is generated correctly, and no… Continue reading Incomplete information in dcsync logs [migrated]
PowerShell is an essential tool for IT admins, and it makes it easy to audit Active Directory user accounts with the Get-AdUser command. In this guide, we’re going to detail how to get started with the popular Active Directory cdmdlet. Introduction to the Get-AdUser PowerShell cmdlet The Get-AdUser cmdlet is one of the most popular Active […] Continue reading Get-AdUser: How to Audit Active Directory Users with PowerShell
In this guide, I’ll provide information on Azure Active Directory (Azure AD) Connect V2 and walk you through the installation and configuration of it. Microsoft states that the most common topology is a single on-premises forest, with one or multiple domains, and a single Azure AD tenant. My guide will follow this topology, using a […] Continue reading How to Install and Configure Azure AD Connect V2
Microsoft has launched a new multi-stage access reviews feature for Azure AD customers. The new capability is currently available in public preview, and it enables organizations to configure access reviews in sequential stages for resource owners and auditors. Microsoft’s Azure Active Directory access reviews feature allows organizations to set up policies to review users’ access […] Continue reading Microsoft Announces Public Preview of Azure AD Multi-Stage Access Reviews
Microsoft has published its monthly roundup of all the new features and capabilities added to the Microsoft 365 subscription service. This month, the Redmond giant has highlighted several improvements made to the Windows 365 Cloud PC service, Microsoft Teams, Yammer, more. Here is a look at everything you need to know. Windows 365 Cloud PC […] Continue reading What’s New in Microsoft 365 – February 2022