Attivo Networks Blogs

Active Directory

Credentials Harvesting from Domain Shares

Reading Time: 3 minutes  |  Published: July 2, 2021 in Active Directory, Blogs

Written by: Vikram Navali, Senior Technical Product Manager - Credentials Harvesting is an attack technique adversaries employ after establishing a foothold inside an organization. The technique is to harvest or amass numerous credentials (username/password combinations) for reuse. It helps adversaries move internally to higher-value assets...

Hafnium Microsoft Hack– Active Exploitation of Microsoft Exchange and Lateral Movement

Reading Time: 2 minutes  |  Published: March 9, 2021 in Active Directory, Blogs, Cloud, Endpoint Protection, Event, ThreatPath

Written by the Attivo Research Team - Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan - Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known as Hafnium...

Sunburst and Breaking the Kill-Chain

Reading Time: 4 minutes  |  Published: March 2, 2021 in Active Directory, Blogs

Written by: Tony Cole, CTO - Sometime in early 2020, the SolarWinds Orion software build process had malicious code injected into it. Enterprises around the globe widely deploy this network management and monitoring software. Unsuspecting companies did their regular patch and update cadence when SolarWinds provided...