Registration for #HIPCONF25 is open!

Back to blogs listing

Identity Attack Catalog

Categories

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
How to Defend Against a Pass the Ticket Attack: AD Security 101

How to Defend Against a Pass the Ticket Attack: AD Security 101

  • Daniel Petri | Senior Training Manager

Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems, monitor and secure Active Directory, and follow robust security measures for credential and ticket protection are at a higher risk.…

How to Defend Against Golden Ticket Attacks: AD Security 101

How to Defend Against Golden Ticket Attacks: AD Security 101

  • Daniel Petri | Senior Training Manager

Golden Ticket attacks are particularly cunning. Like Kerberoasting, Golden Ticket attacks exploit the Kerberos authentication system and are one of the most severe threats to Active Directory environments. Here’s more information about this type of attack and how you can defend your Active Directory environment. What is a Golden Ticket…

How to Defend Against MFA Fatigue Attacks: AD Security 101

How to Defend Against MFA Fatigue Attacks: AD Security 101

  • Daniel Petri | Senior Training Manager

An MFA fatigue attack—also known as MFA bombing—is an attack tactic, technique, and procedure (TTP) in which a threat actor floods users with multifactor authentication (MFA) requests. By overwhelming, confusing, or distracting the user into approving a fraudulent request, attackers hope to gain access to your network environment. Microsoft recently…

How to Protect Active Directory Against Kerberoasting: AD Security 101

How to Protect Active Directory Against Kerberoasting: AD Security 101

  • Daniel Petri | Senior Training Manager

Active Directory (AD) remains a crucial backbone for enterprise IT environments, centralizing authentication and authorization for users and computers. However, Active Directory’s importance—coupled with its age and the technical debt it often accrues—makes it a primary target for cyberattacks. One common attack technique, called Kerberoasting, exploits the Kerberos authentication protocol…

How to Prevent a Man-in-the-Middle Attack: AD Security 101

How to Prevent a Man-in-the-Middle Attack: AD Security 101

  • Daniel Petri | Senior Training Manager

A man-in-the-middle attack, also known as an MitM attack, is a form of eavesdropping in an attempt to steal sensitive data, such as user credentials. These attacks can pose a serious threat to organizations' network security, particularly in environments that use Microsoft Active Directory (AD) for identity management. As Active…