Cyber security
Related Links

Semperis, a provider of AI-powered identity security and cyber resilience, released new research detailing Golden dMSA, a critical design flaw active in delegated Managed Service Accounts (dMSA) in Windows Server 2025.

The flaw can result in high-impact attacks, enabling cross-domain lateral movement and persistent access to all managed service accounts and their resources across Active Directory indefinitely.

Attack technique

To help further understanding of how this attack technique works in practice, Semperis researcher Adi Malyanker built a tool called GoldenDMSA.

The tool incorporates the logic of the attack, allowing users to efficiently explore, evaluate, and simulate how the technique may be exploited in real-world environments. The Golden dMSA attack leverages a cryptographic vulnerability that can undermine Microsoft's latest security innovation in Windows Server 2025. This technique exploits the architectural foundation of dMSAs.  

Critical design flaw

The ManagedPasswordId structure contains predictable time-based components with only 1,024 combinations

The attack leverages a critical design flaw: the ManagedPasswordId structure contains predictable time-based components with only 1,024 combinations, making brute-force password generation computationally trivial.

Golden dMSA exposes a critical design flaw that could let attackers generate service account passwords and persist undetected in Active Directory environments,” said Malyanker.

I built a tool that helps defenders and researchers better understand the mechanism of the attack. Organisations should proactively assess their systems to stay ahead of this emerging threat.”

New research

Semperis researchers, pioneers in identity threat detection, recently announced new research into nOauth, a known vulnerability in Microsoft’s Entra ID that enables full account takeover in vulnerable SaaS apps with minimal attacker effort.

In addition, new detection capabilities were developed in the company’s Directory Services Protector platform to enable defence against BadSuccessor, a high-severity privilege escalation technique targetting a newly introduced feature in Windows Server 2025.

Last year, Semperis researchers discovered Silver SAML, a new variant of the SolarWinds-era Golden SAML technique that bypasses standard defences in Entra ID-integrated applications.

Stay ahead of the trends on securing physical access control systems through layered cybersecurity practices.

Related white papers
Aligning physical and cyber defence for total protection

Aligning physical and cyber defence for total protection

Download
Combining security and networking technologies for a unified solution

Combining security and networking technologies for a unified solution

Download
System design considerations to optimize physical access control

System design considerations to optimize physical access control

Download
Related articles
How physical security consultants ensure cybersecurity for end users

How physical security consultants ensure cybersecurity for end users
How managed detection and response enhances cybersecurity management in organisations

How managed detection and response enhances cybersecurity management in organisations
Drawbacks of PenTests and ethical hacking for the security industry

Drawbacks of PenTests and ethical hacking for the security industry