ESC15 Vulnerability: Identifying and Protecting Your AD CS PKI
October 17, 2024
Tony LaGrassa
Tony LaGrassa rigorously analyzes each organization’s technology environment and objectives to achieve a best-fit, comprehensive solution the first time around. He is well-versed in Microsoft products such as Active Directory and Azure. His broad knowledge base includes PKI, AD-related tech, certificate lifecycle management, hardware security modules, scripting, and automation.
Update Since Posting On November 12, 2024 Microsoft released an official fix to ESC15. Additional information can be found in the Microsoft Security Response Center. Background Although many organizations rely [...]
For as long as public key infrastructure (PKI) has existed, it has relied on certificate revocation lists (CRLs) and authority information access (AIA). CRLs are a fundamental part of most [...]
[VIDEO] [VIDEO] https://www.youtube.com/watch?v=xq8lAP1a9bM In this video, Ravenswood Senior Consultant Tony LaGrassa LaGrassa discusses the often overlooked but fundamental topic, time synchronization. He also delves into how you can properly configure [...]
In a previous blog post , we discussed taking advantage of Entra (formerly Azure Active Directory) Application Proxies to allow access to on-premises applications without a dependency on traditional tools [...]
In my previous blog post we reviewed why time synchronization is important, as well as proper time synchronization configuration of domain controllers (DCs) holding the Primary Domain Controller Emulator (PDCe) [...]
Time synchronization is an important yet sometimes overlooked part of security. Ensuring proper time settings is paramount to security in unexpected ways. [...]
The PetitPotam exploit can be used to completely own an environment, with very few prerequisites—but mitigation is within reac [...]