{"type":"rich","version":"1.0","provider_name":"Transistor","provider_url":"https://transistor.fm","author_name":"Threat Talks - Your Gateway to Cybersecurity Insights","title":"Bad Successor: The Service Account Flaw to Watch","html":"<iframe width=\"100%\" height=\"180\" frameborder=\"no\" scrolling=\"no\" seamless src=\"https://share.transistor.fm/e/8ff1c49a\"></iframe>","width":"100%","height":180,"duration":1035,"description":"It was built to secure service accounts.Instead, it became the cleanest privilege-escalation vector of 2025.They called it Bad Successor (A.K.A. CVE-2025-53779).A new “secure by design” feature in Windows Server 2025 -DMSA -was supposed to fix service account hygiene. Instead, it introduced a loophole where attackers could claim successor status, skip password requirements, and silently inherit elevated rights from any target account.Including domain admin.Even after Microsoft patched the issue, the deeper risk remains:Service accounts are over-privileged, under-monitored, and dangerously trusted -and adversaries know it.This isn’t a niche AD misconfiguration.It’s a privilege-escalation design flaw hiding inside a security feature, and a warning shot for every environment leaning on default trust in the identity layer.Watch host Rob Maas, Field CTO at ON2IT, and Luca Cipriano, CTI & Red Team Lead at ON2IT break down how Bad Successor works, how attackers exploited it, and what a Zero Trust AD strategy actually looks like in 2025.Key Topics Covered• How a security upgrade became a privilege-escalation vector.• Why service account security failures create invisible attack paths.• The real DMSA abuse chain: child objects → successor claim → domain admin.• Zero Trust defenses for AD: permissions, logging, rotation, least privilege.Got your attention?Subscribe to Threat Talks and turn on notifications for deep dives into the world’s leading cyber threats and trends.Guest and Host Links:Rob Maas (Field CTO, ON2IT): https://threat-talks.com/the-hosts/Luca Cipriano (CTI & Red Team Lead, ON2IT): https://threat-talks.com/the-hosts/Additional ResourcesThreat Talks: https://threat-talks.com/ON2IT (Zero Trust as a Service): https://on2it.net/AMS-IX: https://www.ams-ix.net/ams🔔 Follow and Support our channel! 🔔=== ► YOUTUBE: https://youtube.com/@ThreatTalks► SPOTIFY: https://open.spotify.com/show/1SXUyUEndOeKYREvlAeD7E► APPLE:...","thumbnail_url":"https://img.transistorcdn.com/zxiRQtIn39fLuEqIC458HdYTjdufBy-QMdJtCYFz97Y/rs:fill:0:0:1/w:400/h:400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS8xN2Q1/NGE1NjBhYWY0ZmY5/NzEyODA5OGU3NDdi/MmNmYi5qcGc.webp","thumbnail_width":300,"thumbnail_height":300}