New Azure ATP Blogs!

%3CLINGO-SUB%20id%3D%22lingo-sub-466565%22%20slang%3D%22en-US%22%3ENew%20Azure%20ATP%20Blogs!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-466565%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F36160%22%20target%3D%22_blank%22%3E%40Tal%20Maor%3C%2FA%3E%2C%20on%20the%20Azure%20ATP%20security%20research%20team%2C%20just%20posted%20two%20new%20blogs%3B%20the%20first%20one%20is%20on%20LDAP%20Reconnaissance%2C%20which%20forms%20the%20foundation%20of%20Active%20Directory%20attacks%3A%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FEnterprise-Mobility-Security%2FLDAP-Reconnaissance-the-foundation-of-Active-Directory-attacks%2Fba-p%2F462973%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FEnterprise-Mobility-Security%2FLDAP-Reconnaissance-the-foundation-of-Active-Directory-attacks%2Fba-p%2F462973%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20second%20explains%20how%20you%20can%20detect%20LDAP-based%20Kerberoasting%20using%20Azure%20ATP%3A%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FEnterprise-Mobility-Security%2FDetecting-LDAP-based-Kerberoasting-with-Azure-ATP%2Fba-p%2F462448%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FEnterprise-Mobility-Security%2FDetecting-LDAP-based-Kerberoasting-with-Azure-ATP%2Fba-p%2F462448%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

@Tal Maor, on the Azure ATP security research team, just posted two new blogs; the first one is on LDAP Reconnaissance, which forms the foundation of Active Directory attacks: https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/LDAP-Reconnaissance-the-foundati...

 

The second explains how you can detect LDAP-based Kerberoasting using Azure ATP: https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Detecting-LDAP-based-Kerberoasti...

 

 

0 Replies