Skip to content
The Nexus
SECURITYMay 11 · 13:53 UTCBLEEPING COMPUTERSponsored by Specops Software

Why Changing Passwords Doesn’t End an Active Directory Breach

Resetting a password doesn't always remove attackers from Active Directory, as cached credentials and Kerberos tickets can keep them authenticated after a reset. This is explained by Specops Software. Attackers can remain in the system even after a password change.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this