Cyber Defense eMagazine December Edition for 2021
Will you stay one step ahead of Cyber Scrooge this year? Learn new ways to protect your family, job, company & data. December Cyber Defense eMagazine: Cyber Deception Month is here...Defeat Cyber Scrooge! Cyber Defense Magazine December Edition for 2021 in online format #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES See you at RSA Conference 2022 - Our 10th Year Anniversary - Our 10th Year @RSAC #RSACONFERENCE #USA - Thank you so much!!! - Team CDMG CDMG is a Carbon Negative and Inclusive Media Group.
Will you stay one step ahead of Cyber Scrooge this year? Learn new ways to protect your family, job, company & data. December Cyber Defense eMagazine: Cyber Deception Month is here...Defeat Cyber Scrooge!
Cyber Defense Magazine December Edition for 2021 in online format #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
See you at RSA Conference 2022 - Our 10th Year Anniversary - Our 10th Year @RSAC #RSACONFERENCE #USA - Thank you so much!!! - Team CDMG
CDMG is a Carbon Negative and Inclusive Media Group.
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Getting Started with Active Directory Security<br />
Evaluating, Benchmarking and Creating a Strategy<br />
By Justin Kohler, Director of BloodHound Enterprise, SpecterOps<br />
Over 90% of the Fortune 1000 use Microsoft Active Directory (AD) <strong>for</strong> identity and access management.<br />
This ubiquity makes AD a prime target <strong>for</strong> attackers because compromising it almost always gives them<br />
the access they need to achieve their goals. Additionally, attackers can compromise AD easily by<br />
manipulating common errors in user identity and privilege.<br />
Consider this scenario: An attacker gets an employee’s credentials through a phishing attack. That user<br />
is a member of the “Help Desk” security group in AD with a low level of privilege. But the Help Desk group<br />
has been nested inside another group that has privileges over a PCI server. Our hypothetical employee<br />
is not supposed to have control over that server, but the group nesting has given them privilege over it<br />
accidentally. That server also has a service account logged in, and it’s simple <strong>for</strong> an attacker to steal<br />
those credentials now that they have control over the server. That service account happens to have the<br />
“Add Member” privilege to the Domain Administrators group, so now the attackers can make themselves<br />
a domain admin. This chain of steps that allows an adversary to escalate privilege and move laterally<br />
through Active Directory is an example of an Identify Attack Path (referred to as “Attack Path” <strong>for</strong> the rest<br />
of this article). Multiple Attack Paths just like this exist in nearly every environment my colleagues and I<br />
examine.<br />
Improving AD security to prevent these attacks requires IT Operations, Security Operations, and Identity<br />
and Access Management (IAM) teams to work together since each owns a portion of securing AD. A<br />
successful strategy must 1) be understandable and defensible to management, 2) give practical solutions<br />
that can realistically be implemented by AD administrators, 3) be measurable so that the organization<br />
can track progress over time, and 4) cannot require changes that greatly interfere with normal business<br />
operations.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>December</strong> <strong>2021</strong> <strong>Edition</strong> 130<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.