Everybody obsesses about Domain Admin and DC security, for obvious reasons. But if a capable espionage-focused attacker can get to Exchange that's gold: -value of emails themselves, of course -external C2 possible that few monitoring for -wicked host-to-host internal C2 possible
-
-
Yeah, the whole PrivExchange thing got people paying more attention to the fact that the "just click on through" defaults for installing were not adequate in terms of rights left exposed.https://adsecurity.org/?p=4119
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.