how an attacker can now change passwords in the Active Directory and you won't know it - ever

no logs

nothing

not one trace

this is the description of the vulnerability but the POC code hasn't been released but that doesn't mean that others are busy developing it because it is so interesting

other sources close to some very important hacks in Belgium say that the Active Directory was the first thing that was attacked and stolen when they found a way to penetrate the network - there are rumours independent of these resources that this was the case at Belgacom

source http://www.aorato.com/blog/active-directory-vulnerability-disclosure-weak-encryption-enables-attacker-change-victims-password-without-logged/

now you can read on from the source above

but do not forget to implement those mitigating stratégies

note = I do not agree that implementing smartcard stratégies throughout the enterprise is expensive or difficult because in my environment we are doing so and we are finding that both are not so - even if most are limiting the use of smartcards to some very special categories of access like administrators, exécutives, Human Resource department and so on but we are NOT using Microsoft smartcard technology

The comments are closed.