20 Jahre alt und immer noch das Haupteinfallstor für Angreifer: Das Active Directory | Oliver Jäkel

When entire companies are encrypted after a ransomware attack, the Active Directory is usually compromised beforehand. This system has been running in almost every organization for 20 years and controls who has access to what. This is precisely what makes it a prime target for attackers. Oliver Jäkel talks with Lena Morgenroth about a technical topic that isn't currently trending, and therefore all the more relevant. It's about default settings designed for speed rather than security, about domain administrators with too much power, and about the hybrid reality of many organizations where cloud strategies must complement, not replace, the old on-premises system. Oliver provides concrete advice on where organizations should start: with administrative permissions, with protocols like LDAP and Kerberos, and with the question of which services should not be connected to Active Directory. This episode is for anyone who wants to know why, from an auditor's perspective, networking and Active Directory are at the top of the priority list. Moderation: Lena Morgenroth HiSolutions is a leading management and technology consulting firm specializing in security and digitalization. For over 30 years, we have combined highly specialized expertise with conceptual strength, innovative power, and implementation competence. Show notes: Blog article by Oliver Jäkel on the HiSolutions Research Blog: Windows attacks that violate trust: https://research.hisolutions.com/2025... Password policies in Active Directory. A Misunderstanding with Consequences: https://research.hisolutions.com/2025... #activedirectory #microsoft #networksecurity #cybersecurity #ransomware 00:00 Entry Point: Active Directory 01:03 Intro & Introduction 03:23 What is Active Directory and why is it so important? 08:05 What are the consequences and causes of misconfigurations in Active Directory? 11:50 What is the best starting point for securing Active Directory? 14:45 Closing Remarks 📲 Stay connected with us on other social media platforms: LinkedIn:   / hisolutions-ag   Mastodon: https://infosec.exchange/@hisolutions Spotify: https://open.spotify.com/show/6FwPurx... Apple: https://podcasts.apple.com/us/podcast... 📧 Subscribe to our newsletters on exciting topics related to IT security, IT management, and digitalization: https://www.hisolutions.com/newsletter Want to join our team? Here are our current job openings: https://karriere.hisolutions.com/