Attackers are changing their attacks and organizations are not prepared. As many organizations are still trying to secure their environment against traditional attacks, the attackers are now altering their efforts. The attackers are going directly after the core IAM solution for nearly 95% of the world: Active Directory. Attackers are now looking deeper into object and attribute configurations to exploit raw access and functionality within Active Directory. The reality is that many attacks bypass the event logging and look like routine access. Here we will discuss some of the new attacks, and what you can do to deny these attacks.
- Why attackers are changing their attack patterns
- Why attackers are leveraging Active Directory
- What is changing with ransomware
- Why SIEM and AD monitoring solutions are failing to detect new attacks
- The top 5 AD misconfigurations and how you can easily find them in your own environment and secure them
Technical Level: Medium