Strengthen endpoint protection with Microsoft Defender for Endpoint. Stop cyberattacks, boost endpoint security with AI, and secure your devices. Try it now.| www.microsoft.com
In 13 September 2022, Secureworks published a Threat Analysis: Azure Active Directory Pass-Through Authentication Flaws. The vulnerabilities discovered by our team allows threat actors to gain persistent and undetected access to the target Azure AD tenant. In this blog post, I’ll show how the attack can be conducted using AADInternals and standalone Windows server.| aadinternals.com
In my previous blog post I explained how Group Managed Service Accounts (gMSA) passwords are stored locally on the servers. In this blog, I’ll share how you can easily elevate yourself from the local administrator to gMSA without a need to know the account password. I’m already using this technique in AADInternals to execute code as AD FS service account.| aadinternals.com
AAD Internals PowerShell module| aadinternals.com