This website uses cookies to ensure you get the best experience on our website. Learn more
Brandon Lee has been in the industry 20+ years, is a prolific blogger focusing on networking, virtualization, storage, security & cloud, and contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.
Articles written by Brandon Lee
-
Aug
28
How to recover a deleted Active Directory object
Most organizations today are still running Active Directory on-premises as their identity and access management solution. Many businesses are also synchronizing it with cloud directories as part of a hybrid configuration. Recovering Active Directory and deleted objects is an important…
Read More -
Feb
27
Six attack paths in Active Directory and how to remediate them
One of the crown jewels for an attacker who infiltrates an enterprise environment is Active Directory Domain Services (AD DS). There are several attack paths the "blue team" needs to remediate to bolster the security of Active Directory. Remediating and…
Read More -
Feb
01
How to lock down your Active Directory password reset process
Attackers target helpdesks with social engineering attacks to gain unauthorized access to user accounts, which they can use to compromise an environment or launch ransomware attacks. When done effectively, they can bypass MFA and avoid having to verify their identity.…
Read More -
Dec
11
Microsoft transitions NTLM to Kerberos in Windows to boost security
Windows authentication is a process that’s been around for decades. Unsurprisingly, attackers often target this authentication mechanism, preying upon weaknesses and vulnerabilities as they crop up. To help secure Windows authentication, Microsoft recently announced it was deprecating reliance on NT…
Read More -
Nov
07
How to force password changes at next logon in Entra ID (formerly Azure AD)
Entra ID (formerly Azure AD) is the central component for identity and access management in Microsoft Azure, and by extension, Microsoft 365. Managing users and passwords for organization accounts requires understanding how Entra ID (formerly Azure AD) handles password changes,…
Read More -
Sep
12
Enable Microsoft Entra Password Protection (formerly Azure AD Password Protection) in a hybrid environment
With default Active Directory password policies, many organizations find that users create weak, easily guessed, or incremental passwords that attackers can easily compromise. Using Microsoft Entra Password Protection (formerly Azure AD Password Protection), organizations can have an additional layer of…
Read More -
Aug
31
Useful PowerShell commands for managing Active Directory password policies
Managing password policies in Active Directory is an essential task for a system administrator managing AD DS environments. Password policies help to enforce password policy best practices so passwords are not easily guessed or compromised. Managing and configuring password policy…
Read More -
Aug
17
What’s Entra ID? Azure AD’s latest name change explained
If you’ve seen reference to ‘Microsoft Entra ID’ recently, it’s because Microsoft have rebranded Azure Active Directory (Azure AD) to become part of the Microsoft Entra product family. It will be a gradual process that started on July 11th and…
Read More -
Jul
17
How does a brute force password attack work?
Compromising login credentials is the goal of many modern cyber-attacks. If successful, they can result in the worst types of data breaches, especially when high-level accounts are breached. One of the oldest and most common methods for guessing a user’s…
Read More -
May
30
Business email compromise: Practical ways to reduce your risk
Everyone uses email – you’d struggle to find a business that doesn’t. Unfortunately, for a form of digital communication we’ve been using since the 80s, it’s still very easy for cybercriminals to attack. As a result, email is the starting…
Read More