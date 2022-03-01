ContributorsPublishersAdvertisers
Introducing the Golden GMSA Attack

By Yuval Gordon
securityboulevard.com
 2 days ago

Cover picture for the articleThis article introduces a new attack targeting Group Managed Service Accounts (gMSA), dubbed the “Golden GMSA” attack, allowing attackers to dump Key Distribution Service (KDS) root key attributes and then generate the password for all the associated gMSAs offline. TL;DR. An attacker with high privileges can obtain...

securityboulevard.com

