If Active Directory is so critical, why do so many firms take a hands off approach to AD security? In our latest report, we explore that issue and offer some steps organizations can take to secure it.

Federal agencies are advised to counter “Kerberoasting and forged TGT ” attacks—suggesting a worst-case scenario for federal IT networks.

The Microsoft vulnerability dubbed Zerologon is a 10-on-a-10-scale critical flaw in Windows Netlogon. We explain what you need to know about this serious, new vulnerability.

The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.

In our latest installment of our QOMPLX Operations series, QOMPLX's Robert Souron discusses Tier 0 administrative accounts, which have oversight of identities in an Active Directory environment and must be secured.

CVE-2020-1350, a wormable Windows DNS server vulnerability, threatens Active Directory domain controllers and network resources.

Active Directory attacks against NTT and supply chain providers in Europe and Asia included the use of Mimikatz to target Active Directory credentials.

The healthcare ISAC (H-ISAC) is advising healthcare organizations to up their game including through the application of better analytic tools to spot authentication-based attacks.

Kerberos Delegation Attacks exploit native delegation features in Active Directory that could allow a threat actor to impersonate users or machines and access services on the network.