Enterprises widely use Active Directory (AD) as the backbone of their corporate network management. From asset management to access control, AD gives enterprises an effective solution for IT. However, while Active Directory provides a variety of functionality, IT administration without security awareness leads to misconfigurations that leave the enterprise prone to security risk. Because of the complexity of the intranet, these misconfigurations often go unnoticed until an intruder abuses them. Taking a hacker's mindset, this talk briefly presents several misconfigurations that attackers abuse to compromise the domain controller. It then takes apart an attack path built from commonly ignored misconfigurations that allows an attacker to control the entire Active Directory service.
Mars Cheng (@marscheng_) is a manager of TXOne Networks PSIRT and threat research team, responsible for coordinating product security and threat research. Mars blends a background and experience in both ICS/SCADA and enterprise cybersecurity systems. Mars has directly contributed to more than ten CVE-IDs, and has had work published in three Science Citation Index (SCI) applied cryptography journals. Before joining TXOne, Cheng was a security engineer at the Taiwan National Center for Cyber Security Technology (NCCST). Mars is a frequent speaker and trainer at several international cyber security conferences such as Black Hat Europe, DEFCON, SecTor, FIRST, HITB, ICS Cyber Security Conference Asia and USA, HITCON, SINCON, CYBERSEC, and CLOUDSEC. Mars is general coordinator of HITCON (Hacks in Taiwan Conference) 2022 and was coordinator of HITCON 2021 and vice general coordinator of HITCON 2020.
Dexter Chen is a threat researcher at TXOne Networks with a primary focus on penetration testing, red teaming, and Active Directory security. He was previously a red teamer at Trend Micro, specializing in lateral movement and operational security. He has been an instructor for several trainings, including HITCON training, the Cybersecurity Center of Excellence (CCOE), and the Ministry of National Defense. Dexter is a cyber security enthusiast who likes to play with labs, vulnerabilities, and attack techniques, and he currently holds the OSCP and OSWE certifications.