Cyber Millennial

Strategic cybersecurity insight from the edge of practice

  • Why New Zealand?
  • Cybersecurity Insights
  • Professor Intro

Still Poisoned: Authenticated Users and Microsoft DNS Hijacks

Cyber Millennial
July 25, 2025 by Robert Kehl in Misconfiguration, Security Architecture

Authenticated Users can often write to internal Microsoft DNS zones by default. This misconfiguration turns DNS into a stealth pivot tool. This article unpacks how overlooked permissions in AD-integrated DNS allow attackers to quietly redirect traffic, bypass network controls, and poison trust from the inside.

Read More
July 25, 2025 /Robert Kehl
Active Directory, Access Control, privileged access, default credentials
Misconfiguration, Security Architecture

It’s 2025. Why Are Default Credentials Still a Threat?

Cyber Millennial
July 24, 2025 by Robert Kehl in Security Architecture, Misconfiguration

From an adversary’s perspective, default credentials are free real estate. Even in 2025, they show up in security appliances, virtual infrastructure, and remote access portals. These are not obscure bugs. They’re predictable entry points, often left behind in environments that look mature on the surface. This article unpacks how attackers find them, why they still work, and what their presence says about our operational blind spots.

Read More
July 24, 2025 /Robert Kehl
identity security, privileged access, default credentials, infrastructure risk, incident response
Security Architecture, Misconfiguration