Treat your Privileged Authentication Admins as Global Admins

Introduction: I’ve lately been diving into different escalation paths in Azure AD, and what I’ve realized is that it’s possible to take over a Global Admin account once a user is part of a directory role called Privileged Authentication Administrator. This role is described by Microsoft as the following: As Microsoft has documented it so…

How attackers are moving laterally via Kerberos

Introduction: Kerberos has existed for a long time, and it has been the default authentication protocol for Windows and Active Directory. Attackers have been abusing the Kerberos protocol for a while, but it’s not that Kerberos is immediately insecure. It’s the way it has been designed. Before we dive into the ways in which an attacker…