AttivoTechBlogs
Deceptively Simple Threat Detection
SeriousSAM aka HiveNightmare vulnerability — Local Privilege Escalation on Windows 10
Microsoft confirmed a new vulnerability that allows any non-admin user to access local user passwords on Windows 10. This vulnerability…
Nitin Jyoti
Jul 21, 2021
Preventing sAMAccountName spoofing and KDC bamboozling
The year 2021 has been challenging for users of Microsoft Active Directory. From late December 2020, we saw significant vulnerability…
Biju Varghese
Dec 23, 2021
Five commands attackers use to find Domain Administrators in Active Directory
The purpose of this blog is to provide examples of commands that attackers would use to retrieve privileged group members in Active…
Vlado Vajdic
Jul 15, 2021
Integrating Deception with DevOps
DevOpsSec or DevSecOps is the process of integrating security best practices as part of the development and deployment process. Every…
Venu Vissamsetty
Dec 3, 2019
Detecting Man-in-the-Middle Attacks
An internal Man-in-the-Middle (MITM) attack is where attackers insert themselves into the communications path on a network segment to…
Muthukumar Lakshmanan
Jan 17, 2020
Protecting threat actors from taking advantage of Bloodhound 3.0
Bloodhound 3.0 with three new attack methods — gMSA Control, OU Control & SID History.
Biju Varghese
Jul 8, 2020
Protecting against Kerberos Golden Ticket, Silver Ticket, and Pass-The-Ticket (PTT) Attacks
The Pass-The-Ticket attack is a powerful technique cyber adversaries employ for post-exploitation lateral movements and privilege…
Nitin Jyoti
Jul 16, 2021
Latest
Protection Against Targeted Active Directory Ransomware
Targeted ransomware, also known as human-operated ransomware, poses a significant threat to enterprises. In targeted ransomware attacks…
Venu Vissamsetty
Jul 17, 2020
Lateral Movement Using SMB Session Enumeration
Attackers conduct Session Enumeration attacks by invoking a function called NetSessionEnum against an identified Target Server.
Biju Varghese
Mar 29, 2020
Ghost in the shell: Preventing Active Directory Lateral Movement
Microsoft’s Detection and Response Team (DART) recently published an article about an internet-facing web server getting infected and an…
Venu Vissamsetty
Feb 11, 2020