Security News

Why Changing Passwords Doesn’t End an Active Directory Breach

BleepingComputer

Daniel Bender

11 May 2026

Resetting a password doesn't always remove attackers from Active Directory. Specops Software explains how cached credentials and Kerberos tickets can keep attackers authenticated after a reset.