Active Directory
Coverage of Active Directory in the Nexus archive.
- UK school’s network left wide open for invasion, student found
A UK school's network was found to have severe security vulnerabilities, including unauthenticated access to Active Directory domain controller tools and cleartext admin passwords stored in description fields. A 17-year-old student discovered these flaws, gaining access to sensitive data, staff/student information, and systems like Google Workspace and LanSchool, but chose not to exploit them.
- All the passwords were stored in Active Directory description fields
A company stored service account passwords in Active Directory description fields, leading to a ransomware attack after hackers accessed these credentials via phishing and the Sliver tool. The breach resulted in 2000+ users being affected and the company being offline for months.
- AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions.
- Can you enforce strong Active Directory password rules without frustrating users?
Specops Software highlights methods to enforce strong Active Directory passwords through passphrases, breached password protection, and self-service resets, ensuring security without compromising user experience.
- Why Changing Passwords Doesn’t End an Active Directory Breach
Resetting a password doesn't always remove attackers from Active Directory, as cached credentials and Kerberos tickets can keep them authenticated after a reset. This is explained by Specops Software. Attackers can remain in the system even after a password change.
- Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
Researchers in February 2026 identified a significant shift in cyber threats: threat actors now use custom AI setups to automate attacks within the kill chain, including autonomous agents that map Active Directory and steal Domain Admin credentials rapidly. Defensive workflows struggle to keep pace with these advanced AI-driven tactics.