Brandon Lee

Networking

Storage

Virtualization

Brandon Lee has been in the industry 20+ years, is a prolific blogger focusing on networking, virtualization, storage, security & cloud, and contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

Articles written by Brandon Lee

Feb

27

Six attack paths in Active Directory and how to remediate them

One of the crown jewels for an attacker who infiltrates an enterprise environment is Active Directory Domain Services (AD DS). There are several attack paths the "blue team" needs to remediate to bolster the security of Active Directory. Remediating and…
Read More
Feb

01

How to lock down your Active Directory password reset process

Attackers target helpdesks with social engineering attacks to gain unauthorized access to user accounts, which they can use to compromise an environment or launch ransomware attacks. When done effectively, they can bypass MFA and avoid having to verify their identity.…
Read More
Dec

11

Microsoft transitions NTLM to Kerberos in Windows to boost security

Windows authentication is a process that’s been around for decades. Unsurprisingly, attackers often target this authentication mechanism, preying upon weaknesses and vulnerabilities as they crop up. To help secure Windows authentication, Microsoft recently announced it was deprecating reliance on NT…
Read More
Nov

07

How to force password changes at next logon in Entra ID (formerly Azure AD)

Entra ID (formerly Azure AD) is the central component for identity and access management in Microsoft Azure, and by extension, Microsoft 365. Managing users and passwords for organization accounts requires understanding how Entra ID (formerly Azure AD) handles password changes,…
Read More
Sep

12

Enable Microsoft Entra Password Protection (formerly Azure AD Password Protection) in a hybrid environment

With default Active Directory password policies, many organizations find that users create weak, easily guessed, or incremental passwords that attackers can easily compromise. Using Microsoft Entra Password Protection (formerly Azure AD Password Protection), organizations can have an additional layer of…
Read More
Aug

31

Useful PowerShell commands for managing Active Directory password policies

Managing password policies in Active Directory is an essential task for a system administrator managing AD DS environments. Password policies help to enforce password policy best practices so passwords are not easily guessed or compromised. Managing and configuring password policy…
Read More
Aug

17

What’s Entra ID? Azure AD’s latest name change explained

If you’ve seen reference to ‘Microsoft Entra ID’ recently, it’s because Microsoft have rebranded Azure Active Directory (Azure AD) to become part of the Microsoft Entra product family. It will be a gradual process that started on July 11th and…
Read More
Jul

17

How does a brute force password attack work?

Compromising login credentials is the goal of many modern cyber-attacks. If successful, they can result in the worst types of data breaches, especially when high-level accounts are breached. One of the oldest and most common methods for guessing a user’s…
Read More
May

30

Business email compromise: Practical ways to reduce your risk

Everyone uses email – you’d struggle to find a business that doesn’t. Unfortunately, for a form of digital communication we’ve been using since the 80s, it’s still very easy for cybercriminals to attack. As a result, email is the starting…
Read More
Feb

13

Securing authentication tokens by preventing delegation of admin accounts

The underlying capabilities provided by Kerberos authentication in Active Directory means that access tokens can be delegated to users and computers for various purposes. Attackers can capitalize on the built-in capabilities of Active Directory with impersonation and delegation to compromise…
Read More