Resources
Blog
How to Detect and Prevent Identity-Based Attacks
Learn how to detect identity-based attacks, recognize common threats like credential theft and privilege escalation, and protect your infrastructure.
Microsoft Teams HIPAA Compliance: 5 Critical Factors
Learn how service principal names work in Active Directory and how to manage SPNs securely, troubleshoot authentication issues, and protect against vulnerabilities.
Introducing Guardian Protector
Stop blind spots in AD, Entra ID & M365. Get free real-time threat detection, live change monitoring, and a community-backed threat library.
Service Principal Name Manual for Active Directory Security
Learn how service principal names work in Active Directory and how to manage SPNs securely, troubleshoot authentication issues, and protect against vulnerabilities.
Privilege Elevation: Security Risks & Management Guide
Learn how privilege elevation attacks threaten enterprise security and how to implement effective delegation management frameworks to protect your infrastructure.
Force AD Replication: A Complete Manual to Active Directory Sync
Learn how to force AD replication using command line tools and GUI methods. This complete guide includes step-by-step instructions for Active Directory sync.
When AD Recovery Failure is Not An Option
Active Directory downtime can cost millions and destroy trust. Learn why traditional backups fail, the hidden risks of reinfection, and how to ensure instant, trusted AD recovery that keeps your business running.
HIPAA Audit Log Requirements: A Complete Manual
This complete guide to HIPAA audit log requirements for 2025 will help you learn essential logging practices, implementation strategies, and compliance best practices for healthcare organizations.
Certificate-Based Authentication: Security Manual for Entra ID
Learn how to secure certificate-based authentication in Entra ID environments, detect attack vectors, and implement defense strategies against misconfigur86ations.
Zerologon Vulnerability: The Critical AD Exploit Explained
Learn how the Zerologon vulnerability (CVE-2020-1472) exploits Active Directory cryptographic flaws, including attack methods and essential protection strategies.
Identity Security Posture Management: What You Need to Know
Learn what identity security posture management is, how it addresses security challenges, and the implementation steps you can take for stronger identity protection.
Beyond Access: How Healthcare IT Can Cut Costs, Shrink Attack Surfaces, and Protect Patient Data with Smart Automation
In healthcare, behind every login is a nurse, a physician, and—most importantly—a patient in need. When identity systems fail, care delivery comes to a halt. That reality has been underscored by recent breaches, where stolen credentials, dormant admin accounts, and lateral movement across hybrid systems have caused not just IT outages, but also treatment delays, patient diversions, and canceled surgeries.
Making the Most of Your Microsoft Ignite 2025 Experience
Check out this complete guide to Microsoft Ignite 2025 at the Moscone Center in San Francisco. Get tips for sessions, networking, and accommodation to maximize your experience.
Cayosoft Administrator 12.3.1: Smarter Scopes, Safer Administration
The latest release of Cayosoft Administrator provides enhanced control, flexibility, and protection for your hybrid Microsoft management workflows.
Reimagining Hybrid Identity Security with ISRM built around the evolution of ITDR+R
Identity Resilience Surface Management (IRSM) boosts hybrid identity security across AD, Entra ID, Intune, and M365 with a full-stack ITDR+R approach.
MFA Fatigue Attacks: How They Work and Prevention Strategies
Learn how MFA fatigue attacks exploit authentication weaknesses and discover proven strategies to protect your organization from these threats.
DHS Releases Over $100M in Cybersecurity Grants—Here’s What It Means for Public Sector Identity Protection
On August 1, 2025, the U.S. Department of Homeland Security (DHS), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and FEMA, announced more than $100 million in new funding to support cybersecurity improvements across state, local, and tribal governments.
ITDR Solutions: How to Detect and Block Identity Threats
A complete guide to ITDR solutions for identity threat detection and response. Learn key features, benefits, and implementation strategies.
Spot the Intruder Before the Breach: New Honey Account Detections in Cayosoft Guardian
Detect intrusions early with honey account detection in Cayosoft Guardian. Get real-time alerts on brute-force, Kerberos, and AD reconnaissance attacks.
Downtime Is Dangerous: Why Identity Resilience is Now Mission-Critical for Healthcare
In healthcare, downtime is more than a technical inconvenience—it’s a patient safety issue. When clinicians can’t access EHR systems, when prescriptions are delayed, or when admissions grind to a halt, the consequences can be fatal.
Protecting Active Directory Against Pass-the-Hash Attacks
TL;DR Pass-the-Hash attacks allow cybercriminals to steal hashed credentials and impersonate legitimate users in Active Directory environments without ever knowing actual passwords, enabling them to move laterally through networks and escalate privileges. This article explains how Pass-the-Hash exploits work, how to detect suspicious activity, and provides essential strategies to protect
Microsoft Teams: The New Playground for Social Engineering and Ransomware Attacks!
Microsoft Teams ransomware exploits trusted chats to bypass defenses. Learn how social engineering turns Teams into a threat playground & how to fight back.
A New SharePoint Flaw Is an Identity Crisis in Disguise
CVE-2025-49704 landed with a thud in Microsoft’s security feed this week. On the surface, it appears to be “just another SharePoint bug.” In reality, it’s a front door into the most critical layer of your business: identity.
The CIO’s Manual to Identity Threat Detection and Response (ITDR)
Learn ITDR strategies for CIOs to protect enterprise identities with threat detection and response systems that go beyond traditional security approaches.
Active Directory Forest Recovery: A Manual for IT Teams
Learn key strategies and best practices for forest recovery implementation, including automated solutions and validation steps for optimal directory restoration.
Security Group vs. Distribution Group: Key Differences Explained
Learn the key differences between security groups and distribution groups in Active Directory, their specific use cases, and best practices for efficient management.
Microsoft’s Intune Baseline Rollback Bug: What IT Leaders Need To Know
Microsoft’s Intune Baseline rollback bug silently deleted security configs during baseline upgrades. Discover how to identify these subtle changes.
Cayosoft Guardian vs. Quest Change Auditor
Learn how Cayosoft Guardian outperforms older solutions like Quest Change Auditor and why many teams are making the switch.
Understanding ESC1 Active Directory Attacks
A deep dive into ESC1 attacks: technical mechanics, attack vectors, and essential prevention strategies to protect your Active Directory infrastructure.
AdminSDHolder: A Critical Active Directory Security Guide
Learn how AdminSDHolder protects privileged Active Directory accounts, understand potential security risks, and implement robust safeguards for your AD infrastructure.
New in Cayosoft Guardian: Password Hash Analysis to Detect Breached Passwords
Discover the top five privileged access management best practices to strengthen your security posture, reduce risks, and protect critical digital assets across your enterprise.
Top 5 Privileged Access Management Best Practices
Discover the top five privileged access management best practices to strengthen your security posture, reduce risks, and protect critical digital assets across your enterprise.
Digital Forensics and Incident Response: Real-Time Security
Learn how digital forensics and incident response strategies can protect your organization from costly ransomware attacks while optimizing security resources.
How to Maximize IT Efficiency with Active Directory Automation
Discover how Active Directory automation streamlines IT operations, enhances security, and boosts efficiency. Learn key features and benefits.
The Essential Guide to Entra ID Certificate Management
Discover comprehensive strategies for Entra ID certificate management in 2025, including best practices, security enhancements, and automated solutions.
Microsoft Teams Governance Best Practices in 2025
Discover essential Microsoft Teams governance strategies and best practices for 2025. Learn how to implement effective policies, secure data, and automate management.
Rogue Domain Controllers: Strategies for Detection & Prevention
Discover comprehensive strategies to detect and prevent rogue domain controller attacks in Active Directory environments.
Active Directory Attacks: All You Need to Know in 2025
Discover essential prevention methods, detection techniques, and recovery solutions to defend against Active Directory attacks in 2025.
Enterprise Access Model: Microsoft’s Security Strategy
Discover how the enterprise access model enhances security through tiered infrastructure, privileged access management, and advanced monitoring.
Identity Governance and Administration: The Keys to Security in 2025
Discover how identity governance and administration strengthen security in 2025. Learn about essential components, essential tools, and best practices for effective access management.
Understanding SMB Vulnerabilities: Security Risks & Prevention
Discover critical SMB protocol vulnerabilities and learn effective strategies to protect your network infrastructure with comprehensive security measures.
Active Directory Forest Recovery – Four Pillar Framework
Discover the Four Pillars of Active Directory Forest recovery. Learn how proactive strategies and Zero Trust principles ensure secure, hybrid-ready AD forest recovery.
Office 365 Data Loss Prevention: How to Secure Your Business
Discover essential strategies for implementing Office 365 data loss prevention to safeguard sensitive information, prevent data breaches, and ensure compliance.
How to Configure Entra ID Password Policy
Discover essential guidelines for configuring and managing Entra ID password policies. Learn best practices, NIST standards, and security measures.
Active Directory Setup Guide: Key Steps for 2025
Discover essential steps and best practices for active directory setup. Learn about security policies, compliance requirements, and management solutions.
Understanding Active Directory Attributes: A Complete Guide
Discover essential Active Directory attributes for user data management. Learn key functions, best practices, and tips to optimize your directory infrastructure.
Fortify Active Directory Security with Cayosoft: Active Directory Hardening Best Practices for 2025
Discover comprehensive Active Directory hardening strategies for 2025, including security controls, monitoring tools, and automation solutions to protect your AD infrastructure effectively.
Understanding NTDS.DIT: Active Directory’s Critical Database
Discover essential strategies for managing and protecting the ntds.dit file, including performance optimization, backup practices, and advanced recovery solutions.
Resource-Based Constrained Delegation: Risks Explained
Discover how resource-based constrained delegation works, its security implications, and essential preventive measures to protect your Active Directory environment.
DCshadow Attack: Understanding and Preventing This AD Threat
Learn about DCshadow attacks, their technical mechanics, and how to protect your Active Directory installation. Discover effective detection methods and prevention strategies for this threat.
How to Prevent Man-in-the-Middle Attack
Discover how to enhance Active Directory security through GPO password policy optimization. Learn best practices, implementation tips, and advanced techniques for robust password management.
Enhanced Windows LAPS Password View and Management
Introduction In our commitment to provide robust Active Directory, Entra ID, and M365 security, monitoring, and recovery Cayosoft Guardian is rolling out new features designed to make your security processes more streamlined and secure. With the latest update, we’re introducing modern LAPS management capabilities directly in the product. Feature Highlights
Active Directory Administrative Center: Streamlining AD Management
Discover how the Active Directory Administrative Center streamlines AD management. Learn key features, compare ADAC with ADUC, and explore advanced solutions for efficient operations.
GPO Password Policy: Boosting Active Directory Security
Discover how to enhance Active Directory security through GPO password policy optimization. Learn best practices, implementation tips, and advanced techniques for robust password management.
Active Directory OU: Optimizing Organizational Structure
Learn how to optimize Active Directory OUs for improved security, efficiency, and management. Explore best practices, tools, and strategies.
Understanding the Critical Role of the KRBTGT Account in Security
Explore the critical role of the KRBTGT account in Active Directory security. Learn best practices for management, threat detection, and advanced protection strategies.
Insider Threat Prevention: How to Safeguard Your Organization
Discover comprehensive insider threat prevention strategies, including risk assessments, robust policies, and advanced solutions to safeguard your organization.
Office 365 Security: Best Practices for IT Pros
Discover essential Office 365 security best practices to protect your digital workspace. Learn key strategies for safeguarding data and mitigating threats in the cloud.
Enhanced Security and Deployment with gMSA and AD Connector
In our commitment to provide robust Active Directory, Entra ID, and M365 security, monitoring, and recovery Cayosoft Guardian is rolling out new features designed to make your security processes more streamlined and secure. With the latest update, we’re introducing Group Managed Service Account (gMSA) integration and the AD Connector feature,
Active Directory Logs: Essential Guide for IT Professionals
Discover the power of Active Directory logs for enhanced security and management. Learn how to leverage, analyze, and interpret log data for optimal IT operations.
Password Hash Synchronization: How to Ensure Secure and Easy Access
Explore how password hash synchronization enhances secure and seamless access across on-premises and cloud environments, including benefits, challenges, and best practices.
Active Directory Security Best Practices: Key NSA Guidelines
Most global businesses run hybrid AD environments, and following active directory security best practices is critical when combining on-premises and cloud services to secure both Active Directory (AD) and Microsoft Entra ID (formerly Azure AD). Both systems manage identity and access control, making them prime targets for attackers aiming to
How to Protect AD with Fine-Grained Password Policy
Fine-Grained Password Policy (FGPP) solutions improve security for Service and Tier 0 accounts by applying customized password policies to different user groups in Active Directory, enhancing compliance and protection without compromising usability.
K-12 Ransomware Protection: Securing Schools’ AD & Entra ID
As K-12 schools increasingly rely on digital services and key infrastructure such as Active Directory and Entra ID for authentication and access to support education services. We continue to see an increase with being targeted by Ransomware groups and falling victim to ransomware attacks, putting sensitive data and education services
Pass the Ticket Attack: Active Directory’s Hidden Danger
Protect your Active Directory from the Pass the Ticket attack. Learn the mechanics, devastating impact, and defense strategies to safeguard your organization.
How to Protect Active Directory from a Kerberoasting Attack
Active Directory (AD) is the beating heart of many organizations’ IT infrastructures, managing user accounts, permissions, and access to critical resources. However, beneath its seemingly impenetrable exterior lies a vulnerability that attackers are increasingly exploiting: the Kerberoasting attack. Let’s take a look at this threat, understand its mechanics, and uncover
Qilin Ransomware: How to Detect & Protect Against This Exploit
Qilin ransomware has emerged as a significant threat to organizations, particularly those relying heavily on Active Directory for managing their IT infrastructure. Qilin ransomware has adopted a new method for stealing credentials from Google Chrome browsers by leveraging Active Directory Group Policy. In this guide, we will explore how Qilin
FSMO Roles: The Hidden Key to Resilient Active Directory
At the heart of every well-functioning Active Directory (AD) environment lies a set of unsung heroes: Flexible Single Master Operation (FSMO) roles. These specialized roles hold the keys to your AD’s resilience, stability, and recoverability. While they may not be the most glamorous aspect of AD management, understanding and safeguarding
Golden Ticket Attack: How To Protect Your Active Directory
Among all cybersecurity threats, only a few attacks are as insidious and potentially damaging as the Golden Ticket attack. Unlike ransomware or brute-force hacking, which often leave visible traces, the Golden Ticket attack operates under the radar, giving hackers a secret passage into the heart of a company’s most valuable
Mastering Microsoft 365 Governance: Active Directory Guide
In most Microsoft 365 environments, Active Directory (AD) is a key component for managing user identities and access, controlling who accesses what and how. However, as your organization grows, so do the complexities and risks associated with AD management. An improperly managed AD setup can lead to devastating security breaches,
Forest Recovery in Active Directory: Are You Prepared?
Active Directory (AD) is the backbone of most enterprise IT environments, serving as the central repository for user identities, access permissions, and system configurations. As organizations grow and evolve, their AD infrastructures often expand into multiple domains within a single forest, and/or multiple forests with multiple domains, creating a complex
Prevent & Detect VMware ESXI Vulnerability CVE-2024-37085 with Cayosoft Threat Detection
CVE-2024-37085 is an authentication bypass vulnerability in VMWare ESXi being currently being exploited by ransomware groups. This blog will review the background of the exploit and how to leverage Cayosoft Guardian to scan for potential indicators of compromise and proactively defend against future attacks. The short video below also provides
Managing Active Directory in a Zero Trust World
Applying a Zero Trust strategy to Active Directory management reduces your identity threat landscape, enhances access controls and segmentation, enforces just-in-time access, and improves monitoring and incident response. Overall, this approach strengthens your identity platform and makes it more resilient. In this blog, learn how Zero Trust strategy and principles
What is Mimikatz? A Security Guide for Organizations
Imagine a cyberattack that doesn’t rely on brute force or zero-day exploits, instead silently slipping past your defenses and targeting the very heart of your network security: user credentials. This is the reality of Mimikatz, a post-exploitation tool that has become a favorite weapon among cybercriminals. What Is Mimikatz? It’s
NTLM Relay Attack Prevention: A Checklist for Active Directory Security
NT LAN Manager (NTLM) relay attacks represent a persistent threat to organizations that rely on Active Directory (AD) for identity management and access control. These attacks exploit weaknesses in the NTLM authentication protocol, allowing attackers to impersonate legitimate users and gain unauthorized access to sensitive resources within the AD environment.
Securing Active Directory Against DCSync Attacks
DCSync attacks remain a persistent threat to Active Directory (AD) security. These attacks cleverly exploit normal AD replication processes, allowing hackers to secretly extract sensitive password hashes. This access can pave the way for widespread exploits across your network. Given the prevalence of DCSync attacks, IT professionals must be equipped
Cayosoft-Enhanced Defense: Securing Active Directory in 2024
Active Directory (AD) remains a backbone of IT systems for many organizations, managing access and permissions for users and devices. But its frequent use made it a top target for cyberattacks. Attackers are getting smarter, finding ways to misuse AD’s features to gain control, spread through networks, and steal valuable
Surviving LockBit: How to Protect Your Organization
LockBit ransomware attacks are on the rise and pose a major threat to organizations of all sizes. In 2022 alone, LockBit is estimated to have been responsible for 44% of all known incidents. This ransomware’s primary goal is to quickly gain full control of an environment to demand money from
Active Directory Best Practices for Management in 2024
In 2024, effective Active Directory (AD) management is more critical than ever. With escalating cyber threats and complex network environments, businesses must prioritize keeping their AD secure and streamlined. The shift towards automation and security-focused strategies aligned with Active Directory best practices is essential. Here’s the alarming fact: 82% of
Top 4 Security Measures Against Silver Ticket Attacks
Silver Ticket Attacks | Protecting Your Active Directory From Cyber Threats Silver ticket attacks are a type of cyberattack that exploits weaknesses in the Kerberos authentication protocol, which is used for secure logins within Active Directory (AD). By stealing a service account’s login information, attackers can create fake access passes
Securing SYSVOL: Threats, Protection, and Recovery
What is SYSVOL and Why is it Important? For many IT professionals, the system volume (SYSVOL) might seem like just another shared folder. However, if not properly protected, it represents a critical security vulnerability within every Active Directory domain controller. SYSVOL stores the essential files and scripts that govern user
Active Directory Software: Top 7 Enterprise Requirements
Understanding the Complexities of Enterprise IT Security The Microsoft Digital Defense Report reveals a concerning trend: 93% of Microsoft’s ransomware incident response engagements uncovered insufficient controls on privilege access and lateral movement. This illustrates that companies need to strengthen their user management and security in 2024. The growing trend underlines
Active Directory Authentication Explained
Getting Smart with Active Directory Authentication Let’s talk about Active Directory authentication, a key player in your IT environment’s security. In simple terms, it’s like the main gatekeeper of your organization’s IT environment, deciding who gets in and what they can do. This isn’t just about keeping bad guys out,
Active Directory Cleanup: Top 8 Best Practices
Top Best Practices for Optimal Performance | Active Directory Cleanup Active Directory plays a key role in IT infrastructure, managing user identities and protecting network resources. However, it can often collect excess data, creating what we can call digital clutter. An organized approach to cleaning up Active Directory is crucial
Are You Taking Active Directory Forest Recovery Serious Enough? Recent Survey Says No
Peer Survey Highlights: Active Directory Forest Recovery Needs Attention Cayosoft recently sponsored a survey on Active Directory (AD) forest recovery, in partnership with Petri.com, the IT Knowledgedatabase. Over 1,000 IT professional were surveyed and uncovered some interesting findings. Below are a few highlights. To learn more, check out the full
Active Directory Schema: Essentials & Backup Strategy
Understanding Active Directory Schema Before we dive into the backup, let’s clear up what an Active Directory schema is. Simply put, the Active Directory schema is a set of definitions that outline what kinds of objects and information about those objects can be stored in Active Directory. Think of it
It All Starts with the User: Active Directory User Management vs. Security
Active Directory User Management Imagine yourself overseeing a large online system, where each action affects your IT infrastructure. Welcome to the world of Active Directory user management – a domain where precision meets strategy, and the right tool can turn a challenging task into a streamlined process. In this domain,
Why You Need to Recover Active Directory Forest
Essential Considerations to Recover Your Active Directory Forest Active Directory isn’t just a part of your IT infrastructure, it’s the forgotten central hub that keeps everything running smoothly. But with great power comes great responsibility – and vulnerability. It’s a primary target for attackers and any disruption will send ripple
Enhancing IT Agility with Automated User Provisioning in Active Directory
Understanding Automated User Provisioning in Active Directory In the world of IT, manual management of user provisioning and deprovisioning feels as outdated as a floppy disk. Just imagine trying to juggle countless user profiles across diverse on-premise and cloud environments—it’s a logistical nightmare. Enter the era of automated user provisioning
Predicting the Unpredictable: Crafting Your Active Directory Disaster Recovery Plan
Explore the Importance of an Active Directory Recovery Plan Active Directory is the heart of many enterprises, tying together users, permissions, and vital services. When disaster strikes, whether it’s a cyberattack or a technical malfunction, the impact can be immense. That’s why an Active Directory disaster recovery plan isn’t just
Selecting the Right Tools to Manage Active Directory in 2024
How to Choose the Best Tools to Manage Active Directory In the changing world of IT management, choosing the right tools to manage Active Directory is very important. Active Directory is the main system for managing identities and access in your organization. It needs a strong solution that simplifies operations,
Peer Survey: Impact, Vulnerability, and Costs to Recover Active Directory Forests
Recover Your Active Directory Forest – Examining the Critical Impacts A couple years ago, Cayosoft commissioned a survey of 200 technology leaders to better understand the impacts and costs when recovering an Active Directory. We wanted to revisit this research, examine the answers, and see the differences between now and
Active Directory Disaster Recovery: How Confident Are You in Your AD Forest Recovery?
Is Your Active Directory Disaster Recovery Reliable? Will Your AD Forest Recovery Work When You Need It? If you are responsible for managing your organization’s Active Directory (AD) environment you understand how important it is to minimize downtime, protect against data loss, and ensure business continuity during an AD outage,
Is it Time for your Microsoft Enterprise Agreement Renewal?
Resources to Optimize Microsoft 365 (Formerly Office 365) License Management and Reduce Costs For organizations with 500 or more users or devices, that want a more manageable volume licensing program, the Microsoft Enterprise Agreement (EA) provides the ability to buy cloud services and software licenses under one agreement. These enterprise agreements are
Active Directory and Microsoft 365 Account Provisioning And User Lifecycle Management: Hidden Costs and Recommendations
At its core, user provisioning is a process that makes sure that user accounts are created, given the most appropriate level of permissions and managed moving forward across an enterprise. Keep in mind, however, that these days most Microsoft environments, in particular, are hybrid, meaning that they have both on-premises
Mednax Improves Hybrid Microsoft 365 Security and Administrative Efficiency: A Cayosoft Customer Story
After moving to a hybrid Microsoft Office 365 environment, the IT team at Mednax began looking for a management solution to help the organization securely manage the environment. “We also considered how we could empower other groups within Mednax, such as the security team and the help desk, and keep
Connect with Cayosoft at Gartner Security and Risk Management Summit
Join Us at the Gartner Security and Risk Management Summit Cayosoft is proud to be a sponsor for Gartner Security and Risk Management Summit 2022. IT and security professionals will come together to explore and share the latest trends in cybersecurity, IT threat mitigation, and new initiatives to safeguard their
Understanding IAM: Everything You Need to Know About the Components of Identity and Access Management
Discover the Essential Components of Identity and Access Management Beginning in 2021, the second Tuesday of April is Identity Management Day. As a joint venture between the Identity Defined Security Alliance (IDSA) and the National Cybersecurity Alliance (NCA), Identity Management Day was created to raise awareness and educate business leaders,
Senate Passes Cybersecurity Act: Orgs to Report Cyberattacks & Ransom Payments
The Senate on Tuesday passed major cybersecurity legation, moving one step closer toward forcing critical infrastructure companies to report cyberattacks and ransomware payments. The passage comes as federal officials have repeatedly warned of the potential for Russian cyberattacks against the United States amid the escalating conflict in Ukraine. The legislation,
Azure AD Connect: New Update
New Azure AD Connect Version 2.0.91.0 Released This week, Microsoft released an updated version of Azure AD Connect. This new version provides compliance of the Azure AD Connect Health component with the Federal Information Processing Standards (FIPS) requirements. Keep track and understand all the versions that have been released —
‘Wormable’ Flaw Leads January 2022 Patch Tuesday
Microsoft Releases Over 100 Updates in Patch Tuesday for January 2022 The January security updates from the Redmond-based software giant cover security defects in a wide range of default Windows OS components, including a critical flaw in the HTTP Protocol Stack (http.sys) that Microsoft describes as “wormable,” and another code
ManageEngine Zero-Day Flaw Actively Being Exploited
FBI Warns: APT Groups Exploiting Critical Vulnerability in ManageEngine Software Earlier this month, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint advisory highlighting a newly discovered vulnerability being actively exploited in ManageEngine ServiceDesk Plus, owned by Zoho Corp, an IT help desk and asset management software.
FBI & CISA Warning: ManageEngine Flaw Poses Serious Risk
APT Actors Exploit Vulnerability in ManageEngine ADSelfService Plus Reports confirm a critical security vulnerability in ManageEngine ADSelfService Plus, a self-service password management and single sign-on (SSO) tool for Active Directory environments, is actively being exploited. This newly discovered vulnerability, CVE-2021-40539, presents a critical authentication bypass risk that affects REST API
Credentials for Nearly 500,000 Fortinet VPN Users Leaked
Hackers Leak Passwords for Fortinet VPN Servers A list with nearly half a million Fortinet VPN user credentials, allegedly scraped from unprotected devices, is now being shared on hacker forums across the dark web. On Tuesday, a threat actor known as “Orange”, thought to be a member of the popular
New Microsoft Vulnerability, MSHTML RCE, Under Active Attack
Microsoft Alerts of New Zero-Day Flaw in Windows Microsoft released a security alert yesterday announcing a newly discovered flaw for a remote code execution (RCE) in MSHTML that is currently being exploited. MSHTML, also known as Trident, is a component used as a browser rendering engine for Microsoft Office documents.
New Pricing for Microsoft 365
New Commercial List Pricing for Office 365 Microsoft announced changes to their commercial pricing for Microsoft 365—the first substantive pricing update since the launch of Office 365 a decade ago. Microsoft says that this updated pricing reflects the increased value they have delivered to their customers over the past 10
New Find: Windows 365 Exposes Microsoft Azure Credentials In Plaintext
Windows 365 credentials can be dumped in plaintext On August 2nd, 2021, Microsoft launched their Windows 365 cloud-based desktop service, allowing users to rent Cloud PCs and access them via remote desktop clients or a browser. One of the lucky few who could get a free trial was Benjamin Delpy,
Thank Your SysAdmins – It’s System Administrator Appreciation Day!
Happy System Administrator Appreciation Day! System Administrator Appreciation Day, also known as SysAdmin Day, is an event created by System Administrator, Ted Kekatos. It all started when Kekatos saw a magazine advertisement in which a System Administrator was presented with flowers and fruit-baskets by grateful co-workers as thanks for installing
3rd Windows Print Spooler Critical Vulnerability Detected
Windows PrintNightmare Vulnerabilities & Exploits Continue At the end of June and earlier this month, Microsoft released a security update regarding a Windows Print Spooler critical vulnerability, now being called PrintNightmare. Their original guidance, CVE-2021-1675, was quickly met with backlash as patches released by Microsoft were reported to not fix
Microsoft Discovers New SolarWinds Flaw Under Attack
Microsoft Uncovers Remote Code Execution (RCE) Vulnerability & Zero-Day Exploit of SolarWinds Serv-U Product Microsoft recently alerted software company, SolarWinds, of a new vulnerability uncovered, providing proof of concept to the company last week. It was found in SolarWinds Serv-U product, in two IT management utilities used to manage remote
Thousands, Possibly Millions, of Businesses Affected by Latest Ransomware Attack
Kaseya Platform Targeted in Large-Scale Global Ransomware Attack Over the holiday weekend, notorious cybercrime group, REvil, successfully launched a ransomware attack targeting Managed Service Providers (MSPs). This unprecedented hack triggered an infection chain compromising a massive, global supply chain, with reports showing at least 1,000 businesses over 17 countries being