Common Information
| Type | Value |
|---|---|
| Value |
AZT201.2 - Service Principal |
| Category | Atrm |
| Type | Atrm |
| Misp Type | Cluster |
| Description | By obtaining a valid secret or certificate, an adversary may login to AzureAD via command line. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-07 | 4 | Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments | Google Cloud Blog | ||
| Details | Website | 2024-11-07 | 0 | Compromising Identity Provider Federation | ||
| Details | Website | 2024-10-30 | 2 | Detailed Guide to Detecting and Analyzing a Kerberoasting Attack in Active Directory Using Splunk | ||
| Details | Website | 2024-10-29 | 2 | ACTIVE DIRECTORY GÜVENLİĞİ | ||
| Details | Website | 2024-10-22 | 16 | Sentinel for Purple Teaming | ||
| Details | Website | 2024-10-22 | 0 | Active Directory Penetration Testing: Basics of AD-Part 2 | ||
| Details | Website | 2024-10-21 | 138 | Intro to Active Directory HTB-Academy | ||
| Details | Website | 2024-10-19 | 0 | Iranian Hackers Target CNI with Brute Force Attacks | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-18 | 27 | Iranian Cyber Actors’ Brute Force and Credential Access Attacks: CISA Alert AA24-290A | ||
| Details | Website | 2024-10-18 | 3 | AFP & ACSC Joint Cybersecurity Advisory Flags Iranian Bad Actors | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-10-17 | 5 | SafeBreach Coverage for US CERT AA24-290A (Iranian Cyber Actors) | ||
| Details | Website | 2024-10-17 | 0 | Iranian Hackers Target CNI with Brute Force Attacks | ||
| Details | Website | 2024-10-16 | 4 | Iran Targets Critical Infrastructure with Brute-Force Attacks: CISA and FBI | ||
| Details | Website | 2024-10-16 | 0 | MS-200 Module 3–4 Notes | ||
| Details | Website | 2024-10-16 | 108 | Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations | CISA | ||
| Details | Website | 2024-10-15 | 29 | Hybrid — Full Chain Walkthrough (TjNull list) | ||
| Details | Website | 2024-10-14 | 4 | Enhancing Your Active Directory Home Lab with Entra ID and Forest Druid Integration | ||
| Details | Website | 2024-10-12 | 0 | Microsoft’s guidance to help mitigate Kerberoasting | ||
| Details | Website | 2024-10-11 | 0 | Microsoft's guidance to help mitigate Kerberoasting | Microsoft Security Blog | ||
| Details | Website | 2024-10-10 | 0 | Die größten Identitätsbedrohungen für Unternehmen - Arctic Wolf | ||
| Details | Website | 2024-10-10 | 0 | Active Directory: Advanced Techniques and Tactics | ||
| Details | Website | 2024-10-10 | 3 | Kerberoasting Attack | ||
| Details | Website | 2024-10-03 | 2 | A Treasure Trove of Trouble: Open Directory Exposes Red Team Tools | ||
| Details | Website | 2024-09-30 | 680 | US-CERT Vulnerability Summary for the Week of September 23, 2024 - RedPacket Security | ||
| Details | Website | 2024-09-28 | 33 | Active Directory Pentesting | Offensive Security Proving Grounds Access Writeup |