Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Insert 'Skeleton Key', unlocks Microsoft Active Directory. Simples - hackers

Insert 'Skeleton Key', unlocks Microsoft Active Directory. Simples - hackers

2015/01/13

The Register - (International) Dell SecureWorks researchers identified a piece of malware known as Skeleton Key that can bypass authentication on Microsoft Active Directory (AD) systems, allowing attackers to authenticate as any corporate user. The malware must be redeployed when a domain controller is restarted and requires domain administrator credentials for initial deployment.

Source: http://www.theregister.co.uk/2015/01/13/skeleton_key_malware/

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:07