Tuesday, December 7, 2021

Threat Hunting Certificate Account Persistence

The role of Certification Authority is to provide trust between different active directory entities or as an authentication mechanism in order to access specific resources such as web applications and services in a secure manner. Deployment of a Certification Authority across a windows domain can provide opportunities to threat actors for abuse that involves persistence and domain escalation. These attacks have been covered in detail in the paper Certified Pre-Owned that was released by Will Sch…

Read More

Latest news
Related news