"The Attacks That Can Target Your Windows Active Directory"

Active Directory (AD) remains the predominant source of Identity and Access Management (IAM) in the enterprise, making it the target of numerous attacks. There are multiple attack techniques and attack vectors that hackers use to target AD. Different attacks against AD Domain Services (AD DS) have the potential to compromise the environment. DCSync, DCShadow, password spray, pass-the-hash, pass-the-ticket, and more are examples of modern attacks used against AD DS. For example, the DCShadow attack exploits legitimate AD communications traffic between domain controllers. The DCShadow attack also uses the DCShadow command as part of the Mimikatz lsadump module. It uses Microsoft Directory Replication Service Remote protocol instructions. Attackers can register a malicious domain controller and replicate its modifications to other domain controllers in the background. It may involve adding accounts controlled by hackers to the domain administrators group. This article continues to discuss examples of attacks used against AD DS.

Bleeping Computer reports "The Attacks That Can Target Your Windows Active Directory"