Active Directory Backup & Recovery

Organizations Prioritize ITDR Solutions That Protect Active Directory Before, During, and After a Cyberattack

  • Itay Nachum

The word is out that identity systems—and Active Directory in particular—are prime targets for cyberattacks. As a company that pioneered solutions purpose-built for protecting and recovering Active Directory from cyberattacks, we were happy to see multiple research firms recently confirm the criticality of AD-specific cybersecurity solutions. Gartner not only named…

Revisiting the Colonial Pipeline Cyberattack, One Year Later

  • Semperis Team

The Colonial Pipeline cyberattack in May 2021 ranks as one of the top critical infrastructure attacks to date. At the time, Semperis Director of Services Sean Deuby predicted that the ransomware-as-a-service (RaaS) attack was an “implication of what is to come … open season on infrastructure providers.” One year later,…

Combatting a BlackCat Ransomware Active Directory Attack

  • Semperis Team

The FBI has released FBI Flash CU-000167-MW warning that the BlackCat/ALPHV ransomware-as-a-service (RaaS) group has compromised at least 60 entities globally. As with the majority of cyberattacks, BlackCat/ALPHV’s end game is an Active Directory attack. Top on the FBI’s list of recommended mitigations is reviewing your Active Directory environment for unrecognized…

Securing Active Directory Is First Step in Aligning with New UK Financial Conduct Authority Guidelines

  • Dan Bowdrey

In 2019, the Financial Conduct Authority (FCA) proposed changes to how institutions within the UK financial sector ensure operational resilience, particularly against the threat of cyberattacks. The FCA will start enforcing the guidance on March 31, 2022. All organizations regulated by the FCA will face audits to prove their compliance…

Semperis Chief Technologist Guido Grillenmeier Speaks at 18th German IT Security Congress

  • Oliver Keizers

Guido Grillenmeier, Semperis Chief Technologist, will contribute a presentation, "Combating an ongoing attack on an identity system," at the 18th German IT Security Congress, an event hosted by the German Federal Office for Information Security. The 18th German IT Security Congress is a high-profile event over two days with rigorously…

EMA Report: Unknown Vulnerabilities Emerge as Top Active Directory Security Concern

  • Michele Crockett

Unknown vulnerabilities are the top Active Directory security concern of IT security practitioners, according to a new report from Enterprise Management Associates (EMA). Known but unaddressed AD vulnerabilities fall closely behind. The most concerning risks to overall security posture cited by survey respondents were: Native Microsoft security flaws; Social engineering attacks,…

6 Take-Aways from HIP Global Conference 2021

  • Michele Crockett

The chat boxes were on fire and Twitter was buzzing during the recent Hybrid Identity Protection Conference 2021, where the identity and security community gathered to grapple with current-day challenges and prepare for the future of identity. The online conference held Dec. 1-2 drew a mix of identity and access…

Detecting and Mitigating the PetitPotam Attack on Windows Domains

  • Ran Harel

Update August 10, 2021: Microsoft released a patch that partially covers the initial PetitPotam authentication coercion through MS-EFSR. Fresh on the heels of PrintNightmare and SeriousSam, we now have another high-impact attack vector on Windows domains that is relatively easy to carry out and difficult to mitigate. What is now…