Attackers target OWA for domain credentials

A targeted attack against Outlook Web Application (OWA) illustrates how far adversaries will go to establish persistent control over the organization’s entire network.

As seen in recent breaches, attackers typically use stolen credentials or malware to get a foothold on the network, and then target the domain controller. Once attackers successfully compromise the domain controller, they can impersonate any user and move freely throughout the enterprise network. Since the OWA server, which provides companies with a Web interface for accessing Outlook and Microsoft Exchange, depends on the domain controller for authentication, whoever gains access to the OWA server automatically wins the domain credentials prize.

To read this article in full or to leave a comment, please click here

Read more: Attackers target OWA for domain credentials

Story added 7. October 2015, content source with full text you can find at link above.