Standard attacks like password spraying, credential stuffing and other brute forcing also apply, especially if the Exchange web access is enabled.
Whether it would be weaknesses of Kerberos, “pass the ticket”, golden ticket, etc. While that may be changing in recent years with more advanced and cloud IAM and directory solutions, the landscape in the last two decades is a domination of Microsoft’s Active Directory.Īs a result of that dominance, many cyber attacks rely on exploiting some aspects of Active Directory.
From my observation, the majority of organization rely on Active Directory for their user accounts. Active Directory is dominant in the enterprise world (as well as the public sector).
0 kommentar(er)
