This week I’m talking about Nested Groups and the risk they pose for security. Built-in to the functionality of Active Directory is the ability to attach a group to another group. While this has advantages for account administration across an organization, it also offers attackers opportunity if certain precautions are not taken. This week I’ll break down Nested Groups in DFIR terms, talk about how attackers take advantage of it and what analysts need to know for investigations.