active directory security

Microsoft’s August Patch Tuesday is one of the heavier maintenance cycles of the year: the company released patches addressing well over a hundred vulnerabilities across Windows, Office, Exchange, SQL Server and Azure services, and security teams must triage a short list of immediate priorities...

Striking the right balance between security and operational efficiency is a persistent challenge for enterprise IT administrators. As cyberthreats accelerate in sophistication, a misstep in configuring security policies can open windows of vulnerability, resulting in costly breaches, regulatory...

Semperis, a leader in identity security, has recently unveiled a critical vulnerability in Windows Server 2025's delegated Managed Service Accounts (dMSAs), termed the "Golden dMSA" attack. This flaw enables attackers to bypass authentication mechanisms and generate passwords for all dMSAs and...

Here’s a summary of the critical findings from Semperis regarding Windows Server 2025 and the new design flaw: Golden dMSA Flaw Overview What is Golden dMSA? Golden dMSA is a critical design flaw in delegated Managed Service Accounts (dMSA) in Windows Server 2025. It allows attackers to...

Semperis, a leader in identity security, has uncovered a critical design flaw in Windows Server 2025 that exposes Delegated Managed Service Accounts (dMSAs) to a high-impact attack known as "Golden dMSA." This vulnerability enables attackers to perform cross-domain lateral movements and maintain...

Semperis has unveiled a critical design flaw in Windows Server 2025's delegated Managed Service Accounts (dMSAs), termed "Golden dMSA." This vulnerability allows attackers to generate service account passwords, facilitating undetected, persistent access across Active Directory environments. The...

For enterprise environments contemplating a rapid migration to Windows Server 2025, the spotlight has recently shifted from the platform’s much-lauded innovations to a potentially game-changing security vulnerability identified by research firm Semperis. This flaw—dubbed “Golden dMSA”—impacts...

Semperis researchers have identified a critical design flaw in Windows Server 2025's delegated Managed Service Accounts (dMSAs), termed the "Golden dMSA" vulnerability. This flaw allows attackers to achieve persistent, undetected access to managed service accounts, potentially exposing resources...

On July 8, 2025, Microsoft released its monthly Patch Tuesday updates, addressing a substantial number of vulnerabilities across various products. This release is particularly noteworthy due to the introduction of new features in Windows 11 and the resolution of critical security flaws. Overview...

Windows Netlogon has long served as a critical backbone for authentication and secure communications within Active Directory environments. However, recent disclosure of CVE-2025-49716 has cast a spotlight on significant and exploitable weaknesses in how Netlogon processes certain types of...

NTLM relay attacks, once thought to be a relic of the past, have re-emerged as a significant threat in modern Active Directory environments. Despite years of research and incremental security improvements, most enterprise domains remain susceptible to these attacks, creating wide-reaching risks...

A critical new vulnerability has rocked the Windows security landscape, exposing enterprises worldwide to a sophisticated privilege escalation threat unlike any previously documented. The flaw—now cataloged as CVE-2025-33073—lays bare the potential for attackers to subvert fundamental...

Microsoft’s June update cycle has brought significant security enhancements for Windows and Office users, addressing a total of 66 documented vulnerabilities across multiple product families. This month’s Patch Tuesday, a fixture for IT administrators and security-conscious individuals, stands...

Microsoft’s monthly Patch Tuesday always draws focused attention from IT professionals, cybersecurity experts, and everyday users alike, but the stakes for June 2025 are higher than usual. This month, Microsoft released security updates to remediate at least 67 vulnerabilities across its Windows...

In a significant development for Windows Server 2025 security, Semperis has introduced advanced detection capabilities within its Directory Services Protector platform to counteract the "BadSuccessor" privilege escalation technique. This initiative, in collaboration with Akamai, addresses...

In a significant development for Windows Server 2025 security, Semperis has unveiled enhanced detection capabilities within its Directory Services Protector (DSP) platform. This initiative, in collaboration with Akamai, aims to counteract the "BadSuccessor" privilege escalation technique that...

Few developments in enterprise cybersecurity have proved as persistent—and as adaptive—as Windows authentication coercion attacks. Despite years of steady security investments by Microsoft and mounting awareness within the IT community, these sophisticated offensive techniques continue to...

Authentication coercion attacks have emerged as a formidable and evolving threat to enterprise networks leveraging Windows infrastructure. Despite significant advances in native Microsoft security controls, even low-privileged domain accounts can still exercise a range of techniques to force...

In recent weeks, the cybersecurity landscape for enterprise Windows deployments has been shaken by the disclosure of a new zero-day vulnerability in Active Directory—dubbed "BadSuccessor." Security forums, tech news outlets, and IT administrators across the globe are keenly following...

The upcoming release of Windows Server 2025 has generated excitement for new features and enhanced capabilities, but a significant security concern has surfaced that threatens to overshadow these advancements: a vulnerability in the Active Directory (AD) operation known as the “BadSuccessor”...