Dell SecureWorks Counter Threat Unit(TM) (CTU) researchers discovered malware that bypasses authentication on Active Directory (AD) systems that implement single-factor (password only) authentication. Threat actors can use a password of their choosing to authenticate as any user. This malware was given the name “Skeleton Key.” CTU researchers discovered Skeleton Key…
Category: Security
No More SSL 3.0 at Azure Storage Starting Feb. 20, 2015
Microsoft plans to disable Secure Sockets Layer (SSL) 3.0 encryption support in its Azure Storage service next month. Azure Storage won’t support the SSL 3.0 security protocol starting on Feb. 20, 2015, the company announced this week. If organizations still have browsers using that that protocol after February 20, then…
There Is No Security If You Have Physical Access: How To Reset the Domain Administrator Password In Windows Server 2012 R2
It’s hard to believe, but the good old domain administrator reset password trick from Windows Server 2003 / 2008 still works in Windows Server 2012 R2. Step-by-Step guide To reset the Domain Administrator password in Windows Server 2012 R2 do the following: Shutdown the domain controller. Boot on the Windows Server…