✔ Pentester/recovering sysadmin ✔ Self-proclaimed Ethical Threat ✔ Active Directory Security Connoisseur ✔ Offensive stuff — securit360.com ✔ Host Cyber Threat POV — offsec.blog ✔ SWAG — swag.ethicalthreat.com 📩 By subscribing, you’ll get exclusive access to industry insights, actionable tips for securing your environments, behind-the-scenes content from my pentests, and updates from someone who keeps a pulse on the ever-changing cyber threat landscape.
Common Active Directory security mistakes attackers count on
|
Security applied blindly is just another outage waiting to happen. Ethical Threat Insight: Active Directory Security Mistakes Active Directory is the backbone of your network, and attackers know it just as well (if not better) than most admins. A staggering amount of breaches don’t require fancy exploits. They rely on common misconfigurations, they count on IT admins not doing the hard things that need to be done to secure an AD environment. These are some of the most frequent (and dangerous) Active Directory security mistakes I see during internal pentests. 1) Weak or reused password 2) Assigning overly broad permissions on OU, Security Groups, and file shares 🎥 I made a short video on how to identify these issues. Watch it here. 3) LAPS deployed but not monitored 4) Deploying Active Directory Certificate Services but never checking for misconfigs 5) Allowing regular users to have local admin rights 6) Including daily use accounts in privileged groups, like Domain Admins 7) Logging into untrusted hosts with Domain Admin accounts 8) Not using Protected Users group 9) Weak LM/NTLM domain settings Yes, all of this is much easier said than done. But with focused effort, knowledge, and expertise, it is absolutely possible. I know this because I work with folks week in and week out who are doing this. You don’t have to go it alone. 👉 Curious if attackers could compromise your Active Directory domain? PS - How it feels sometimes when describing AD permissions 😅 All the best
"Spirit of a hacker heart of a defender" |
Spencer Alessi
✔ Pentester/recovering sysadmin ✔ Self-proclaimed Ethical Threat ✔ Active Directory Security Connoisseur ✔ Offensive stuff — securit360.com ✔ Host Cyber Threat POV — offsec.blog ✔ SWAG — swag.ethicalthreat.com 📩 By subscribing, you’ll get exclusive access to industry insights, actionable tips for securing your environments, behind-the-scenes content from my pentests, and updates from someone who keeps a pulse on the ever-changing cyber threat landscape.
Downtime is decided months before the attack. Ethical Threat Insight: Surviving a Ransomware Attack A DC‑area Reddit thread described days of disruption after a hospital system was reportedly hit by Rhysida ransomware. How much was the ransom? ~$3 million USD at the time of the incident. 😲 It’s a painful, real‑world reminder: your ability to operate “offline” is the difference between chaos and continuity. The time to have a plan and to prepare is before the proverbial SHTF. 6 ways to prepare...
Who you choose to test your environment matters just as much as what they test. Ethical Threat Insight: Internal Pentest Report Red Flags If you know a little bit about me, you know internal pentesting is kind of my thing. I’ve done more than 120 internal pentests in the last 5 years. What I have come to realize is that not all internal pentests are created equal, especially when it comes to reporting. Most internal pentest reports look impressive at first glance, but after you dig into them...
Attackers thrive on easy targets, don’t be one. Ethical Threat Insight: How insecurely installed 3rd-party software can hurt you Single, high-value action to do today: audit any recently installed third-party Windows software for who can write files where it installs…then lock it down. Why that matters: attackers don’t need complex exploits if they can abuse commonly overlooked issues. Like insecure software installs and writable system locations. Fixing those stops a huge class of easy...