Semperis, a provider of AI-powered identity security and cyber resilience, today released new research detailing Golden dMSA, a critical design flaw active in delegated Managed Service Accounts ...

Some versions ago we got Managed Service Accounts, which did use long random password, that were rotated automatically by AD but could only be used on one server. This was followed by Group Managed ...

Exploit Brief In short, Delegated Managed Service Accounts (dMSA) were introduced in Windows Server 2025 to replace service accounts to minimize exposure to Kerberoasting. The exploit is focused ...

Windows Server 2025 Security features PDF download Windows Server 2025 is designed to help IT administrators better understand different layers of protection embedded in Windows Server.

The hole involves a relative path traversal vulnerability due to improper validation of path inputs related to domain Managed Service Accounts (dMSAs). The problem is in how Windows Kerberos ...

"Golden dMSA exposes a critical design flaw that could let attackers generate service account passwords and persist undetected in Active Directory environments," said Malyanker.