privilege escalation

Active Directory security: Exploiting certificate services

Active Directory (AD) is crucial for an organization’s identity and access management strategy, but its complex architecture is also a prime zone for overlooked vulnerabilities....

AD360 2 min read Read

Monitoring domain user accounts with elevated access rights

Standard users having elevated privileges is never good news. Accounts such as domain admins, enterprise admins, schema operators, krbtgt, administrators, and replicators, are a few...

General 3 min read Read

A practical approach to Active Directory Domain Services, Part 10: A study into Group Policies and AD

We have covered a plethora of topics on Active Directory (AD) in parts one to nine of this series on Active Directory Domain Services.  In...

Active Directory 4 min read Read

A practical approach to Active Directory Domain Services, Part 9: An AD reality check

Have you looked into some of the most well-known Active Directory (AD) attacks from around the world? Do you understand the nuances of these popular...

Active Directory 5 min read Read

The role of endpoints in the security of your network

Endpoint security is a hot topic of discussion, especially now with so many businesses shifting to remote work. First, let’s define what endpoints are. Endpoints are...

Log360 6 min read Read

Operation panopticon: How a weak IAM strategy led to the security camera hack across organizations

On March 9, 2021, Verkada, a software company that specializes in making security cameras for monitoring physical access control, was subject to a security hack....

AD360 3 min read Read

Azure security 101: Security essentials, logs, authentication, and more

“Where necessity speaks, it demands”. This old saying seems particularly apt right now with the pandemic forcing organizations to completely change the way they think...

Log360 2 min read Read

Ransomware in 2021: What has changed? Detection and mitigation strategy

A ransomware attack is a bug that we can’t shake off. Or perhaps, it can even be called a shape-shifter that somehow finds a way into...

Log360 3 min read Read

Dangerous defaults that put your IT environment at risk: IT security under attack

In this blog in the “IT security under attack” series, we wanted to shed some light on an unfamiliar and seldom discussed topic in IT security:...

Log360 5 min read Read