Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
Learn how to clean up Active Directory before enabling SAML-based SSO to ensure secure authentication, accurate user mapping, and smooth identity integration.
Introduction: In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
PowerShell modules allow you to combine multiple scripts to simplify code management. Learn step-by-step instructions for creating and using these modules.
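The PowerShell Active Directory module includes a range of cmdlets for remote management of Active Directory, letting users efficiently perform directory service operations from the command line and improving management automation. 1. The Active Directory module is part of the Remote Server Administration Tools (RSAT); it must be downloaded and then installed to the specified directory before it can be used. 2. After installation is complete ...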
PowerShell cross-platform limitations break Windows-only cmdlets, .NET dependencies, and Windows Forms GUIs on Linux. Dual booting and WinBoat enable Windows PowerShell compatibility but introduce ...
Active Directory is one of the most essential tools for managing users, computers, and permissions in professional Windows environments. While it is not installed by default in Windows 11, Microsoft ...
Editor's take: Microsoft is doubling down on its plan to turn Windows 11 into an "agentic AI" platform, and in the process seems determined to strip away the last bits of user agency left in the OS.
This script will scan your AD and export a CSV list of PCs that have had no activity within the number of days you set as the tolerance.
The threat actor known as Storm-0249 is likely shifting from its role as an initial access broker to adopt a combination of more advanced tactics like domain spoofing, DLL side-loading, and fileless ...
Active Directory Domain Services (AD DS) remains central to enterprise identity, powering authentication and authorization across hybrid environments. As organizations modernize, AD DS continues to be ...