Ars Technica

Remove Domain Admins from vCenter->Administrators

Are there any gotchas to watch out for when removing the domain group "Domain Administrators" from the vCenter local admin group? As a result of that being there, anyone who is a domain admin is also ...
Security Boulevard

Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit

What Are Shadow Admins in AD? A common problem we encounter within many customer AD environments are accounts that, at first glance, may appear innocuous, but that actually have hidden administrative ...
Ars Technica

Best "Practical" Practice w/Domain Admin Accounts/IT Staff...

OK, so like many places. IT staff is domain administrators. I know that is a bad idea and our recent outbreak of a undiscovered version of the conficker worm made that all too apparent. So I wish to ...
TechRepublic

Protect domain-joined computer passwords with Windows’ Local Administrator Password Solution

Windows finally includes a tool to manage local admin passwords, but admins will still need to do some work to make it useful. Image: Ivan/Adobe Stock. One of the best ways to defend your network is ...
Dark Reading

Microsoft Exchange Vuln Enables Attackers to Gain Domain Admin Privileges

Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack that gives anyone with a mailbox a way to gain domain administrator rights at potentially 90% of ...
Computerworld

Scenario-based pen-testing: From zero to domain admin with no missing patches required

A look at penetration testing without vulnerabilities, using LLMNR and NBT-NS spoofing to gain a foothold in the environment and elevating to domain administrator. In this post we will look at a ...