by Darren Mar-Elia | Jan 31, 2023 | Security-related
You may have caught the recent article about a new malware variant, called SwiftSlicer–attributed to a Russian APT group–that is making its way around Active Directory environments. There’s not a ton of details about how this malware is delivered,...
by Darren Mar-Elia | Oct 13, 2022 | Security-related
In case you missed it, there were three vulnerabilities related to GP Preferences in the latest October 2022 “Patch Tuesday”. Specifically, they were: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994...
by Darren Mar-Elia | Feb 17, 2022 | Security-related
Well, I have to admit that it’s been a while since I have found something interesting to blog about related to Group Policy. Despite the fact that the technology is still widely used, how much new can you say about something that’s 21+ years old? Well, as...
by Darren Mar-Elia | Aug 3, 2020 | Security-related
The story of the Trojan Horse is well known to everyone who has taken a history class. True or not, the story goes that the Greeks, in an effort to finally sack the city of Troy, construct a giant wooden horse with some of their top soldiers hidden inside. They wheel...
by Darren Mar-Elia | Jun 16, 2020 | CVE-2020-1317, Group Policy, Security-related
Earlier this month, Microsoft released an advisory for CVE-2020-1317, which describes a privilege escalation vulnerability in Group Policy. This was further detailed by the discoverer of the vulnerability on the CyberArk website. The nature of this issue is interesting...
by Darren Mar-Elia | Nov 19, 2019 | Security-related
About a year ago, I posted about the perils of granting someone write access on the Active Directory Domain NC “head” object, and how you could use that and some quirks in Restricted Groups policy to essentially elevate your access in AD, just based on...