New flaws identified (CVE-2024-22245 & CVE-2024-22250) in the EAP plugin. Attackers could exploit them to hijack #ActiveDirectory accounts and privileged EAP sessions.
I’ve been on standby in the Art dept all week for an exam. The previous Intel iMacs had been so unreliable, they used to make us come stand by in every other class and especially during exams.
The new Silicon iMacs have been more reliable and problem-free but they still insist on someone coming just in case. Sitting there for 5 hours a day seems like a colossal waste of my talents but who am I to argue with customer requests.
After months of searching online for solutions (to no avail), I got the bright idea to set our local AD (we had 3 replicating servers across the site) in the Directory Utility and also set the AD IP address in the hosts file. It solved the login problem once and for all
Apparently when a user logs in, it randomly searches between those 3 AD servers. The one far away always doesn't authorize the connection, hence the issue. #protips #AD #ActiveDirectory
It's about damn time I build myself a legit rack #server to house my growing inventory of electronic goodness! Not sure where I should even start!!! #proxmox server on my #RaspberryPi, or expand my #activedirectory test lab? Ugh decisions decisions 🙄 🤔🙃
You might have missed this pre all the #Microsoft Ignite news, but you can now choose to have #ActiveDirectory password resets remediate the risk for your #EntraID users. https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/remediate-user-risks-in-microsoft-entra-id-protection-through-on/ba-p/3773129. This is a big deal if you are not using #EntraID Self-Service Password Reset flows. I’ve been working with customers a lot lately on enabling risk based conditional access for #Microsoft #EntraID and sometimes they have a different password reset solution that also includes pushing these passwords to things like LDAP, mainframes, etc. And if they don't have a PCS type tool on AD, they don't want to use the #EntraID one because these passwords become out of sync on the different directories. This feature is super helpful for them to remediate risky users after they do a password change on-prem. Give this a look and enable risk based conditional access policies if you can.
“Recently, one of our pen testers found a bastion host during an #Azure assumed-breach #pentest. We were given the credentials of an employee within Azure Active Directory. The pen tester was able to log into SSH with Azure #ActiveDirectory credentials. So, he got onto the bastion host, which was a #Linux box. One of the users on that box made their home directory world readable for everyone. He rifled through that user’s directory and found credentials for Snowflake, a third-party database service. He used those credentials to connect to the 3rd-party provider and gained access to production #data.” - @sethsec on a recent episode of the Cloud Security Podcast.
Local #DNS zones take first priority in #ActiveDirectory. Make sure your #EDR doesn't depend entirely on name resolution... (thanks to Jim Sykora and Jake Hildreth for the great talk!) #WWHF @WWHackinFest
One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.
@RestlessLipSyndrome @davidho I very much dislike the spin of mapping the stupid decisions of Bob the CEO of giving Linda an IT environment where simply opening up #email attachments or URLs - which is part of her job - may cause the whole company to get hacked.
We #IT #security professionals need to fix that spin that clearly supports the megacorps selling insecure crap instead of investing in real-world security.
Samba: New versions fix several security vulnerabilities
Due to various programming errors, attackers could access secret information, up to and including the Kerberos TGT password. Updates are available.
Good Monday morning, Fediverse! I'm looking for my next role, hoping to get #FediHired.
Right now I'm a principal engineer and team lead for certificate infrastructure at a major US company. My day-to-day work focuses on PKI infrastructure/operations, Windows, and Active Directory. I get to help developers understand both the Why and How of the best practices for using certificates, along with keeping the certificate infrastructure humming along.
Working with Information Security, we've implemented company-wide multi-factor authentication for ~30,000 people. I've designed and executed migrating from on-prem PKI (Microsoft ADCS) to Certificates-As-A-Service, which reduced our total operating costs by about half. This includes dropping our datacenter footprint from multiple physical devices down to a couple of VMs.
Outside of the technical responsibilities, I'm mentoring and training junior/new teammates to build their skills and their confidence. Feedback from the management of our development and applications teams is that I've reinvigorated relationships and made certificate discussions something folks look forward to. And while nobody enjoys an outage, both managers and fellow individual contributors have told me that my calm, confident, and methodical presence is critical to both morale and quick resolution.
My current position doesn't offer much in the way of Azure exposure, but in my previous role I built out a Windows Virtual Desktop (now Azure Virtual Desktop, AVD) ecosystem from scratch when the pandemic first began and we had to send everyone to work from home on super-short notice. Nobody missed a day of work for lack of technical resources.
What I want from my next role is either a similar technical lead/principal level infrastructure/operations IC position or moving into management of a similar team.
If you're looking for a technical leader (with or without management responsibilities) to help shape and maintain your Windows/Active Directory environment, someone who can build relationships across a large organization, let's chat. DM me for email or Signal.
Current residence is in Syracuse, NY, but I'm open to relocation.
How would you practice Active Directory?
I am wanting to spin up an Active Directory instance and have some fake users, just to practice working in it and get a deeper understanding....