Security researchers have devised a way to block the recently disclosed PetitPotam attack vector that allows hackers to take control of a Windows domain controller easily. An new version of the ...

Microsoft will disable RC4 by default in Windows Kerberos, pushing organizations to uncover and eliminate longstanding cryptographic weaknesses hidden in legacy ...

Microsoft’s May Patch Tuesday update is triggering authentication errors. Microsoft is alerting customers that its May Patch Tuesday update is causing authentications errors and failures tied to ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication ...

In two previous articles (here and here) I shared some classic Active Directory mistakes people have made that got their companies into serious trouble. Here’s another mistake that on the face of it ...

A recent report from Microsoft reinforces warnings about the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on ...

At our organization I'm responsible for our Windows infrastructure and another guy looks after all the Linux/*nix stuff. We're currently running a domain using Windows 2003 R2 Domain Controllers with ...

A recent report from Microsoft reinforces warns of the critical role Active Directory (AD) domain controllers play in large-scale ransomware attacks, aligning with U.S. government advisories on the ...

Microsoft on Wednesday announced that it has updated its "best practices" advice for securing domain controllers. In general, Microsoft wants organizations to use the Azure Active Directory identity ...

Microsoft squashed 74 security vulnerabilities with its May 2022 Patch Tuesday update, including an important-rated zero-day bug that's being actively exploited in the wild and several that are likely ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has taken the unusual step of removing a bug from its catalog of vulnerabilities that are known to be exploited, and which federal ...

I have my DHCP server (on Sonicwall) configured to give out the domain controller/DNS server ip as primary DNS, for secondary DNS I have set to give out 1.1.1.1, for tertiary 8.8.4.4 Does this comply ...