In this blog post, we’ll cover some concepts from the AD CS terminology, go over an abuse scenario and explain how customers can detect the attack using Cortex XDR. The paper demonstrates how an adversary can utilize and abuse the AD CS environment to elevate privileges, get a strong foothold and persistence within a network. In June 2021, Will Schroeder and Lee Christensen released a white paper named Certified Pre-Owned about research conducted on AD CS. It is used to manage and establish trust between different directory objects using digital certificates and digital signatures. Active Directory Certificate Services (AD CS) is a Microsoft server role which implements a public key infrastructure ( PKI).
0 Comments
Leave a Reply. |