Forgotten AD Service Accounts Putting You at Risk?
Threat actors increasingly exploit “orphaned” Active Directory (AD) service accounts logins originally created for legacy apps, test scripts or scheduled tasks that remain active with non-expiring passwords. Because these machine accounts sit outside normal user-lifecycle reviews, they often escape audits and accumulate dangerous permissions. An early-2024 botnet campaign against Microsoft 365 showed how attackers can […]