Active Directory Security

Windows Privilege Abuse: How Attackers Escalate from Accounts with Dangerous Rights to Active Directory Compromise

Windows Privilege Abuse: How Attackers Escalate from Accounts with Dangerous Rights to Active Directory Compromise

  • Andrea Pierini
  • Jul 06, 2026

Discover the most attractive Windows privileges from an attacker’s perspective: those that permit a direct privilege escalation.

When the Lights Go Out: What the Foxconn Breach Tells Us About Identity-First Ransomware

When the Lights Go Out: What the Foxconn Breach Tells Us About Identity-First Ransomware

  • Benjamin Lim
  • Jun 19, 2026

Understanding how an identity-first exploit enabled ransomware attackers to disable Foxconn can open your eyes to possible gaps in your own identity security. Discover how attackers take advantage of complexity in manufacturing organizations—and steps you can take to defend your organization’s business operations.

11 Real-World Risks Hidden in Active Directory Migrations

11 Real-World Risks Hidden in Active Directory Migrations

  • Mike Masciulli
  • Jun 12, 2026

An Active Directory migration and consolidation project is not just a data move. If you carry over legacy delegation mistakes, group nesting, trust relationships, and overprivileged accounts, you simply recreate risky attack paths. Learn how a security-first approach helps you make your new AD environment more secure.

RC4 and AD Migration: Uncover the Break Scenarios Hiding in Your Source Domain

RC4 and AD Migration: Uncover the Break Scenarios Hiding in Your Source Domain

  • Mike Masciulli
  • May 29, 2026

A quiet AD migration can turn into a noisy outage when RC4-dependent accounts fail. Migration services expert Mike Masciulli helps you understand where RC4-related failures hide—and how to find and fix them before cutover.

How to Audit Your Environment for RC4 Encryption

How to Audit Your Environment for RC4 Encryption

  • Guido Grillenmeier and Rich Peckham
  • Mar 30, 2026

Microsoft is deprecating RC4 encryption beginning in April 2026. This post explains the process—and points you to resources that can help.

What You Need to Know: Windows Admin Center Remote Privilege Escalation (CVE-2026-26119)

What You Need to Know: Windows Admin Center Remote Privilege Escalation (CVE-2026-26119)

  • Andrea Pierini
  • Mar 23, 2026

Learn about the discovery of CVE-2026-26119: why it worked and why you shouldn't underestimate authentication reflection.

When Is WinRM Over HTTP Secure?

When Is WinRM Over HTTP Secure?

  • Andrea Pierini
  • Mar 17, 2026

Is use of the Windows Remote Management (WinRM) protocol over HTTP inherently bad? Take a nuanced look at why "HTTP = insecure" isn't the whole story—and when HTTPS can actually introduce risk.

What You’re Missing: Proper LAN Manager Authentication Levels

What You’re Missing: Proper LAN Manager Authentication Levels

  • Andrea Pierini
  • Mar 11, 2026

One of the most common misconfigurations I encounter in Active Directory environments is a LAN Manager authentication level set to 2 on domain controllers (DCs). If your reason for staying at level 2 is legacy application compatibility, you can move to level 3 today without breaking those applications.