Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
Updated: 1 year 25 weeks ago

Re: Active Directory - a clear and present danger

26 July, 2021 - 21:31

Posted by Moses Frost via Dailydave on Jul 26

I am always in shock when people cannot see the forests from the trees even when talking to peers. First things first,
Azure AD and many IdPs are not impervious to attack. Through OAuth2 and other privilege abuse angles in the IdP
itself, backdooring systems are (and will continue to be) a thing. For those on defense, I hope you are checking on
those MS Graph enabled Service Principals while I am waving at the other end (hello)....

Re: Active Directory - a clear and present danger

26 July, 2021 - 21:21

Posted by François Zöfel via Dailydave on Jul 26

Speaking for a heavily regulated EU business here: a US cloud based solution will most probably not fit our needs. Both
GDPR and rules about not being dependent on 3rd party businesses to conduct our own mean we’re stuck with an on-prem AD.

I’m very interested to hear about any potential alternative.

François

On Sun, Jul 25, 2021 at 07:50, Peter Bance via Dailydave <dailydave () lists aitelfoundation org> wrote:

Dailydave...

Re: Active Directory - a clear and present danger

25 July, 2021 - 08:33

Posted by Peter Bance via Dailydave on Jul 25

Funnily enough, I’ve just decommissioned our last Domain Controller - as you rightly say, AD is just too much pain/risk
to keep in place. Azure AD for us - still not 100% ideal, but rapidly improving, and transfers a lot of the
infrastructure/config pain to Microsoft themselves.

Obviously admins can still make horrible mistakes, but that’s easier to monitor than all config across an on-prem
forest, and it’s far simpler to limit (or even...

Active Directory - a clear and present danger

24 July, 2021 - 13:54

Posted by Dave Aitel via Dailydave on Jul 24

So I definitely have a different mental history of Active Directory than
most people, and recently I was doing a Glasshouse podcast with Pablo Breuer
<https://www.linkedin.com/in/pablobreuer/> and here
<https://youtu.be/Z0d6qNLevUY?t=2714> he says basically the same thing
everyone says, which is that it's impossible to move off of technology even
when that technology has a history of severe flaws, or a design flaw that
means it...