domain controller – Page 3 – WindowsTechs.com

Non-malicious root causes for multiple failed logon in windows domain

Posted on February 15, 2021 by Onyx

While monitoring SIEM alerts, I saw that there was more than 200 failed logon for a user to several hosts in the domain. Obviously, it was triggered as a brute-force attempt.
Assuming it was not an attack. What are the non-malicious root c… Continue reading Non-malicious root causes for multiple failed logon in windows domain→

APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies

Posted on November 19, 2020 by Elizabeth Montalbano

Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks. Continue reading APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies→

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Posted on October 30, 2020 by Elizabeth Montalbano

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. Continue reading Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug→

Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug

Posted on October 30, 2020 by Elizabeth Montalbano

Tech giant and feds this week renewed their urge to organizations to update Active Directory domain controllers. Continue reading Microsoft Warns Threat Actors Continue to Exploit Zerologon Bug→

Is it possible make a Pass-The-Hash attack with Responder?

Posted on October 18, 2020 by Anonyme

The tool Responder written in Python permits to listen on a specific network card requests and automatically poisoning victims the steal hash NTLMv1 and hash NTLMv2.
The attack Pass-The-Hash permits to connect to a service like SMB.
I am a… Continue reading Is it possible make a Pass-The-Hash attack with Responder?→

Domain controller patch alert! Vulnerability grants domain admin access in 10 seconds

Posted on October 15, 2020 by Abhilash

A critical Active Directory vulnerability (CVE-2020-1472) has been making headlines for being the most notorious elevation of privilege bug because it can affect all computers and domain controllers in an organization.
This high-risk vulnerability, … Continue reading Domain controller patch alert! Vulnerability grants domain admin access in 10 seconds→

What signs suggest that a machine is a Domain Controller?

Posted on October 7, 2020 by John Zhau

Given a group of machines, knowing only that they run Windows with Active Directory, being at the initial recon phase, what are some signs that would strongly suggest a machine is a Domain Controller?
(I’m thinking of checking the basic th… Continue reading What signs suggest that a machine is a Domain Controller?→

Getting Rid of My Domain Controller

Posted on September 4, 2020 by Daniel Fay

JumpCloud helps IT admins quickly migrate off of Active Directory into a comprehensive cloud directory platform. Here’s how.
The post Getting Rid of My Domain Controller appeared first on JumpCloud.
The post Getting Rid of My Domain Controller appeare… Continue reading Getting Rid of My Domain Controller→

Taking over Windows DC as a domain user

Posted on August 8, 2020 by t5j

What do you suggest in order to take over a Windows Domain Controller, given the fact that you gained access to a domain user workstation and so you have domain user credentials?
I have domain user credentials (unprivileged user), and so f… Continue reading Taking over Windows DC as a domain user→

Why domain controller making connection on lsass.exe

Posted on April 1, 2020 by fahim

One of our DC server making auto connection to multiple IP addresses, when i investigated the process, i observed that lsass.exe is making connection, so can anyone help me why the domain controller making auto connection on using process … Continue reading Why domain controller making connection on lsass.exe→