Mitigate RDP attacks on Azure VM’s with Just-in-Time Access

Introduction There are organizations who have migrated some of their on-premise machines to the Cloud of Azure, because it can reduce the workload. What’s great about this is the fact, that you don’t need to maintain all the physical hardware anymore. However it’s becomes a shared responsibility, when you have resources running in Azure. ThisContinue reading “Mitigate RDP attacks on Azure VM’s with Just-in-Time Access”

Computer accounts can move laterally too!

Introduction Computer accounts in Active Directory can be abused as well, but it’s not something we hear often, because lets face it. It’s not the first thing that comes up in to our mind, when we’re thinking about moving laterally to another machine with a computer account. Before we go further in to all theContinue reading “Computer accounts can move laterally too!”

Pass-the-Hash with RID-500 account

Introduction In my previous post, I’ve blogged about how Pass-the-Hash is still a nuclear bomb on most networks around the world. Despite that Microsoft has released mitigation guidance’s around this security threat. I always felt that most companies didn’t (fully) understood the whole problem about this, which has led that many companies didn’t implemented theContinue reading “Pass-the-Hash with RID-500 account”