The recent flare up around EternalBlue and other SMB attacks has put the spotlight back on Microsoft security vulnerabilities. In this podcast, cybersecurity veteran Jeff Warren speaks with host Jonathan Sander about four Active Directory attacks almost every organization can fall prey to—and how with tools like BloodHound, PowerShell, and Mimikatz, even newbie attackers can quickly escalate privileges to compromise your entire Active Directory domain, even exfiltrating your Ntds.dit file.
These Active Directory attacks are scarier than those involving SMB vulnerabilities because there is no patch available. To protect yourself, you need to broaden your definition of admin groups and privileges to include everyone who can logon to critical servers and domain controllers.
Jonathan Sander is STEALTHbits’ Chief Technology Officer (CTO). As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets, and he will also lead corporate development efforts. Jonathan also plays the role of evangelist at STEALTHbits venues large and small. Prior to STEALTHbits, Jonathan was VP of Product Strategy for Lieberman Software.
As part of Quest Software from 1999 through 2013, he worked with the security and ITSM portfolios. He helped launch Quest’s IAM solutions, directing all business development and product strategy efforts. Previous to that, Mr. Sander was a consultant at Platinum Technology focusing on the security, access control and SSO solutions. He graduated from Fordham University with a degree in Philosophy.