Microsoft’s recent research spotlights a dangerous post-exploitation technique called Golden dMSA. This new attack method abuses SYSTEM-level access on domain controllers to execute persistent payloads, including ransomware that targets the core of Active Directory. By hijacking delegated Managed Service Accounts (dMSAs), attackers can gain access without needing to compromise traditional credentials. Originally introduced in Windows […]| Silverfort
Microsoft’s built-in password rotation mechanism is designed to protect on-premises Non-Human Identities (NHIs), such as machine accounts in Active Directory (AD). On the surface, it appears to be a strong defense—automated, scheduled, and structured to minimize security risks. This safeguard, however, can be subverted—allowing attackers to create a persistent foothold. An adversary can manipulate the […]| Silverfort
Silverfort discovered an Active Directory DoS vulnerability, dubbed “NOTLogon,” which was patched by Microsoft on July 8, 2025.| Silverfort
Most security programs are laser-focused on human users, including employees, contractors, and third parties. But there’s a parallel universe growing in scale and risk that remains largely invisible…| Silverfort