Active Directory is a favorite target of hackers. But why?

Security experts have reported on the risks that Active Directory faces. The service, which is built into most Windows Server operating systems, is the key to managing Windows domain networks. But this also carries the danger of it being abused by hackers.

According to many information security professionals, Active Directory is the basic identity platform for many businesses around the world. It is used to connect different systems to each other, and as a result it has become a primary target for hackers. This is because an attacker who manages to get into Active Directory could potentially access all the systems that are connected to that network.

A digital forensic investigation conducted by security company Bitdefender identified a cybercrime gang, also known as Carbanak, that uses malware named Cobalt Strike Beacon. Bitdefender said the malware can run system commands, log keystrokes, capture screenshots, and even deploy memory-manipulation tools like Mimikatz on many Active Directory hosts. All of the above can help aspiring hackers gain access to other systems.

Rapid7 published a report titled Under the 2019 Hoodie. It summarizes 180 penetration tests carried out over a nine-month period. 40% of the tests focused on identifying weaknesses and exposure to the dangers of the internet. Another 36% focused on internal network assessments. According to the survey, each business has at least one vulnerability that a hacker can exploit.

Of the vulnerabilities detected during internal testing, Rapid7 stated that 11% involved credentials found in memory, which may allow a hacker to access other systems. Meanwhile, 9% of all internal weaknesses involved Kerberoasting.

Kerberoasting is a term devised by Tim Medin. In essence, it is a privilege escalation technique that proves to be very effective in extracting service account credentials in a domain.

Many organizations use accounts with weak passwords that never expire and that usually enjoy excessive privileges.
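
As an added example (not code from the article or from Rapid7), the following Python code audits an exported list of directory accounts for the conditions described above: enabled accounts that carry a service principal name, and so are exposed to Kerberoasting, whose passwords never expire or are old and which hold privileged membership. The account names, the export format and the 365-day threshold are assumptions; the attribute names and flag values are the standard Active Directory ones.

```python
from datetime import datetime, timezone

# userAccountControl bit flags (documented Active Directory values)
UF_ACCOUNTDISABLE = 0x0002
UF_DONT_EXPIRE_PASSWD = 0x10000
MAX_PASSWORD_AGE_DAYS = 365  # assumed policy threshold, adjust to local policy

def filetime_to_datetime(filetime):
    """Convert pwdLastSet (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    return datetime.fromtimestamp(filetime / 10_000_000 - 11_644_473_600, tz=timezone.utc)

def audit_service_accounts(accounts, now):
    """Return {sAMAccountName: [findings]} for enabled accounts that carry an SPN."""
    report = {}
    for acct in accounts:
        uac = acct["userAccountControl"]
        if not acct.get("servicePrincipalName") or uac & UF_ACCOUNTDISABLE:
            continue  # without an SPN no service ticket can be requested for it
        findings = []
        if uac & UF_DONT_EXPIRE_PASSWD:
            findings.append("password never expires")
        age = (now - filetime_to_datetime(acct["pwdLastSet"])).days
        if age > MAX_PASSWORD_AGE_DAYS:
            findings.append(f"password is {age} days old")
        if acct.get("adminCount") == 1:  # is or was in a protected group
            findings.append("adminCount=1 (privileged group membership)")
        if findings:
            report[acct["sAMAccountName"]] = findings
    return report

# Constructed sample export (hypothetical account names, not real data)
SAMPLE_ACCOUNTS = [
    {"sAMAccountName": "svc-sql", "servicePrincipalName": ["MSSQLSvc/db01.example.test:1433"],
     "userAccountControl": 0x10200, "pwdLastSet": 130696416000000000, "adminCount": 1},
    {"sAMAccountName": "svc-web", "servicePrincipalName": ["HTTP/web01.example.test"],
     "userAccountControl": 0x0200, "pwdLastSet": 132064128000000000},
    {"sAMAccountName": "jdoe", "servicePrincipalName": [],
     "userAccountControl": 0x10200, "pwdLastSet": 130696416000000000},
    {"sAMAccountName": "svc-old", "servicePrincipalName": ["HTTP/old.example.test"],
     "userAccountControl": 0x10202, "pwdLastSet": 130696416000000000},
]
SAMPLE_NOW = datetime(2019, 9, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for name, findings in audit_service_accounts(SAMPLE_ACCOUNTS, SAMPLE_NOW).items():
        print(f"{name}: {'; '.join(findings)}")
```

Accounts flagged here are candidates for long random passwords, regular rotation (or managed service accounts) and a review of their group membership.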

Last June, the ministry's inspector general said that inadequate management of Active Directory threatened the United States Patent and Trademark Office.

Rapid7 tester Nick Powers, as described in the company's report, was looking for wireless and internal network vulnerabilities in a system of eight hospitals. The wireless network there was very well locked down. But the network had many non-standard devices, most of which were medical. Some were running outdated versions of Windows. One such device had been accessed by an Active Directory user, which allowed the tester to retrieve that user's credentials from memory.

Experts argue that there are specific defenses that organizations should have in place and operating to avoid such problems.

The author allows you to copy his/her text only if you cite the source (SecNews.gr) with a web address (live URL) of the article.