Microsoft Active Directory debuted 22 years ago. In computer age, that’s old technology. Threat actors like old technology because it often has legacy code or processes that are not secured to modern standards or organizations have not kept up with patches and recommended settings.
Derek Melber, chief technology and security strategist for Tenable, discussed Active Directory risks at this year’s RSA conference. Attackers target domains. If they see a device joined to Active Directory, they will continue with the attack. If they don’t see a domain-joined machine, they will go on to another workstation. Below are some examples of how attackers can exploit legacy Active Directory vulnerabilities
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
