Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Abusing Replication: Stealing AD FS Secrets Over the Network
Threat Actors
April 29, 2021
FireEye
A threat actor can abuse the Policy Store Transfer Service to acquire the encrypted Token Signing Certificate over the network, similar to the DCSync technique for Active Directory.
Read More
Active Directory Federation Services (AD FS)
AD FS Replication
token-signing certificate
internal network
Identity Provider (IdP)
Publisher
Previous
Click Studios says phishers are using breach notificati ...
Identity Theft, Fraud, Scams
Next
Only 8% of businesses that paid a ransom got all of the ...
Trends, Reports, Analysis
/https://cyware-ent.s3.amazonaws.com/image_bank/1756_shutterstock_581432749.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/7d44_shutterstock_1508385932.jpg)
