Reminder: Die gültigen #Zertifikat-Laufzeiten schrumpfen.

🟡 15. März 2026: 200 Tage ☹️
🟠 15. März 2027: 100 Tage 🤢
🔴 15. März 2029: 47 Tage 🤮

Unser Status:
✅ #LetsEncrypt (wo einfach möglich) aktiviert
✅ 30-Tage-Zertifikate der internen AD CS PKI für Intranetdienste auf #WindowsServer und #Linux mit #PowerShell vollautomatisiert
⏳ AD FS, Exchange

https://www.heise.de/news/47-Tage-CAs-und-Browserhersteller-beschliessen-kuerzere-Laufzeit-fuer-Zertifikate-10352867.html

#sysadmin #admin #itsicherheit #zertifikate #tls #ssl #reminder #adcs #adfs #pki #intranet #internet

Is today a #FediHire Friday? Sure looks like it!

What I'm looking for: A senior level, individual contributor role supporting Windows, Active Directory, Certificates, PKI, Azure, and information security in a large enterprise. I like to solve weird problems and make computers run smoothly. I want to help others use technology effectively. Interested in relocating outside of the US.

My main focus the last few years has been rebuilding and modernizing a struggling certificate environment. That includes growing the team to meet our company needs, migrating our AD-integrated private PKI stack to a certificates-as-a-service vendor, getting a handle on our web PKI consumption, and making massive improvements to our certificate life-cycle management platform. I supported and advised our CyberSec and Desktop teams as we rolled out multi-factor authentication to 50,000 employees and contractors across the US. My understanding of deep computer fundamentals, talent for quickly grasping nuances of larger systems, and calmness in a crisis have contributed to quickly resolving major technology outages regardless of root cause.

This role hasn't been exclusively technical. A big part of my current job is building relationships with our developers to help them understand how certificates work, the responsible ways to use them, and what our relevant internal policies are. I've developed training and teaching material for junior and mid-level engineers featuring practical PKI concepts and our specific enterprise requirements. I've worked closely with fellow principal engineers and architects to design secure, resilient services. I've gotten to spend some time with upper management to both explain the immediate challenges we've had and the plans we can implement improve our infrastructure, reducing costs and outages.

While this position has been focused on certs and how to use them, I'm very comfortable considering a technical leadership role for Windows (server and desktop) administration and Active Directory. I also have some good experience with Azure and virtualization platforms, but they haven't been my daily focus for several years.

My current employer is direct retail for general public consumers. I've also worked in banking/finance, manufacturing, and architecture/civil engineering firms. The common thread is I love to help people leverage technology for their goals, to help them be more effective.

In my personnel/volunteer time I've done very similar: working backstage with lights/sounds/projections so live performers can shine, and volunteering at local repair clinic events to help my neighbors with technology that isn't meeting their expectations.

Right now I'm in Syracuse, New York (about five hours from NYC), but I'm open to relocation/migration anywhere in the world.

PMs open if you want to talk details. Boosts/retoots appreciated.

#Job #GetFediHired #FediHired #ITJobs #Windows #ActiveDirectory #Certificate #MSCA #MicrosoftCertificateAuthority #ADCS #PKI #WebPKI #Azure #Migration #CyberSecurity #InfoSecurity #RemoteWork

The future of oncology is shifting. Our latest article explores the explosive rise of ADC cancer treatment in China—the "magic bullets" that Merck and AstraZeneca are spending billions to acquire.

MedBridgeNZ facilitates Medical Tourism China by connecting you directly with the top-tier hospitals pioneering these treatments.

Read more: https://zurl.co/G0Svk

#ADCs #Oncology #CancerTreatment #China #MedicalConcierge #MedicalTourismChina

SCEP Request Tool for AD CS and Intune

A command-line SCEP client enabling certificate requests from AD CS/NDES and Intune during pentesting.

https://github.com/dirkjanm/scepreq

#ADCS

Detecting ADCS Privilege Escalation: https://www.blackhillsinfosec.com/detecting-adcs-privilege-escalation/

#activedirectory #adcs #privilegeescalation

ESCплуатация: новый вектор атаки на Active Directory Certificate Services

Привет, Хабр! По горячим следам нашей большой статьи про векторы атак ESC1-ESC15 мы — команда PT Cyber Analytics — решили подробно разобрать относительно новый вектор атаки ESC16. Возможность обнаружения и эксплуатации этого вектора была добавлена в майском обновлении ПО Certipy.

https://habr.com/ru/companies/pt/articles/928484/

#activedirectory #cybersecurity #пентест #certificate_authority #certificates #adcs #redteam #certipy