One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 6738681 |
| Date de publication | 2022-09-05 02:00:00 (vue: 2022-09-05 10:05:46) |
| Titre | How Azure Active Directory opens new authentication risks |
| Texte | It's been common knowledge for years that local Windows Active Directory networks are vulnerable to NTLM relay and pass-the-hash attacks that can allow attackers to move laterally through networks and access additional machines and resources. Since some of these attacks exploit design decisions in the authentication protocols used inside Windows networks, they cannot be simply patched by Microsoft with changes in software. Organizations need to take defense-in-depth measures that involve stricter configurations and additional controls to protect themselves.With the adoption of hybrid networks, where parts of the networks are local and parts are in the cloud, enterprises now rely on services such as Azure Active Directory (Azure AD) to allow its various machines to authenticate to each other. But Azure AD is quite different from local AD as it uses different protocols and has new features that expand the networking possibilities of organizations. However, according to presentations last month at the Black Hat USA security conference, it also offers new possibilities for attackers.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | access according active additional adoption allow also are article attackers attacks authenticate authentication azure been black but can cannot changes click cloud common conference configurations controls decisions defense depth design different directory each enterprises expand exploit features from full has hash hat here how however hybrid inside involve its knowledge last laterally local machines measures microsoft month move need networking networks new now ntlm offers opens organizations other parts pass patched please possibilities presentations protect protocols quite read relay rely resources risks security services simply since software some stricter such take themselves these through usa used uses various vulnerable where windows years |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.