Security Boulevard

Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first ...
Ars Technica

Remove Domain Admins from vCenter->Administrators

Are there any gotchas to watch out for when removing the domain group "Domain Administrators" from the vCenter local admin group? As a result of that being there, anyone who is a domain admin is also ...
Ars Technica

Best "Practical" Practice w/Domain Admin Accounts/IT Staff...

OK, so like many places. IT staff is domain administrators. I know that is a bad idea and our recent outbreak of a undiscovered version of the conficker worm made that all too apparent. So I wish to ...
Dark Reading

Exploring, Exploiting Active Directory Admin Flaws

No matter how many tools you buy or how many alerts flood the SOC, your security strategy is only as strong as its administration. If attackers can bypass an admin, they can own the system.
Dark Reading

Defending Local Administrator Accounts

In my Tech Insight article in November, I discussed the issue of managing privileged accounts within an enterprise. One area I didn't really touch on was how to protect the local administrator ...
TechRepublic

Protect domain-joined computer passwords with Windows’ Local Administrator Password Solution

Protect domain-joined computer passwords with Windows’ Local Administrator Password Solution Your email has been sent Windows finally includes a tool to manage ...

Windows Updates: Unexpected Server Reboots and Login Disruptions

The Windows security updates, especially for servers from April, have partly severe side effects. Some Windows servers ...
Computerworld

Scenario-based pen-testing: From zero to domain admin with no missing patches required

A look at penetration testing without vulnerabilities, using LLMNR and NBT-NS spoofing to gain a foothold in the environment and elevating to domain administrator. In this post we will look at a ...