1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attackers target OWA for domain credentials

Discussion in 'CSO' started by RSS, Oct 7, 2015.

  1. RSS

    RSS New Member Member

    A targeted attack against Outlook Web Application (OWA) illustrates how far adversaries will go to establish persistent control over the organization's entire network.

    As seen in recent breaches, attackers typically use stolen credentials or malware to get a foothold on the network, and then target the domain controller. Once attackers successfully compromise the domain controller, they can impersonate any user and move freely throughout the enterprise network. Since the OWA server, which provides companies with a Web interface for accessing Outlook and Microsoft Exchange, depends on the domain controller for authentication, whoever gains access to the OWA server automatically wins the domain credentials prize.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page