This article has been indexed from Help Net Security
Gaining access to domain admin credentials is part of the endgame in many sophisticated attacks where threat actors are trying to maintain persistence. One of the ways that adversaries accomplish this is through DCSync attacks. What is a DCSync attack? A DCSync attack is a method where threat actors run processes that behave like a domain controller and use the Directory Replication Service (DRS) remote protocol to replicate AD information. The attack enables them to … More
The post Guarding against DCSync attacks appeared first on Help Net Security.
Read the original article: Guarding against DCSync attacks