"NSA Jointly Releases Guidance for Mitigating Active Directory Compromises"

"The National Security Agency (NSA) joins the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC) and others in releasing the Cybersecurity Technical Report (CTR), 'Detecting and Mitigating Active Directory Compromises.' The guidance provides prevention and detection strategies for the most prevalent techniques used to target Active Directory (AD). Gaining control over AD gives malicious actors privileged access to all systems and users managed by AD, according to the CTR. With privileged access, malicious actors can bypass other controls and access systems, including email and file servers, and critical business applications. Malicious actors can also modify AD information to establish persistent access and remotely login to organizations, bypassing multi-factor authentication (MFA) controls."

NSA reports "NSA Jointly Releases Guidance for Mitigating Active Directory Compromises"

Submitted by acaufield

 

Submitted by Gregory Rigby on