Author: Daniel
-
Escalating from On-prem to Entra through MITM Attacks
The security of HTTPS rests on the trustworthiness of certificate authorities (CAs). While it is highly unlikely that cyber criminals breach a public CA and issue a certificate without being detected, internal CAs are a different story. In fact, Active Directory Certificate Services (ADCS) is well-known for its misconfigurations.Most prior research targeted client authentication certificates,…