Introduction Active Directory (AD) serves as the cornerstone of identity and entitlements management in over 90% of organizations, making it a critical component of their operational infrastructure. However, its central role and extensive functionality also makes AD an attractive target for adversaries looking to exploit vulnerabilities, leading to unauthorized access, privilege escalation, and malicious activities […]
In the previous blog, we described how to catch attackers targeting Active Directory (AD) in the reconnaissance stage.
On May 31, 2023 Progress Software disclosed a SQL injection vulnerability (CVE-2023-34362) in the
Introduction When threats emerge, the Fidelis Cybersecurity Threat Research team (TRT) is ready. Each month, the Threat Intelligence Summary examines the latest threats and trends so you can stay resilient against cyber adversaries. In June 2023, we saw ongoing instances of non-compliance with CISA Directives related to MOVEit vulnerabilities, indicating persistent patching issues that pose […]