18 Years of AD Still Under Attack: A Chronicle of Microsoft Security
Security issues with Active Directory have been discussed for many years. It's been 18 years since the "Pass The Hash" attack technique emerged. Have we really completely eliminated these security issues? For example, starting with Windows 11 24H2, NTLM authentication is being phased out, but does that mean Kerberos cannot be attacked? As enterprise architectures gradually shift toward hybrid identity authentication (such as Entra ID and SAML), these vulnerabilities seem to be merging into a larger attack surface.
In this session, we will review the history of Active Directory attacks over the years and introduce related technologies. We will explore various attack methods that arise at the intersection of AD and cloud-based Azure & Entra ID hybrid identity authentication. Using more relaxed and simple concepts, we aim to help everyone quickly understand these potential vulnerabilities and attack vectors, hoping to provide a more comprehensive understanding of these weaknesses to manage related risks within enterprises.
TOPIC / TRACK
SecOps Forum
Lunch Learning Session
Live Translation Session
LOCATION
Taipei Nangang Exhibition Center, Hall 2
4F 4C
LEVEL
Intermediate Intermediate sessions focus on
cybersecurity
architecture, tools, and practical applications, ideal for
professionals with a basic understanding of
cybersecurity.
SESSION TYPE
Breakout Session
LANGUAGE
Chinese
Real-Time Chinese & English Translation
SUBTOPIC
Windows
Active Directory Security
Enterprise Security
CYBERSEC 2025 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。