Active Directory has been a top cybersecurity tool for more than two decades. The problem with protecting AD—used by roughly 90% of the Fortune 1000 companies—from ransomware attacks is simply that it wasn’t designed for today’s security landscape. Many organizations don’t even know the full map of their deployment, making…
When it comes to protecting your enterprise from cyberattacks, protecting your identity infrastructure is key. Infiltrations of identity systems not only expose your most important assets and business operations to attack but can go undetected for long periods, causing significant damage. So, strengthening your identity security stance is an important…
The word is out that identity systems—and Active Directory in particular—are prime targets for cyberattacks. As a company that pioneered solutions purpose-built for protecting and recovering Active Directory from cyberattacks, we were happy to see multiple research firms recently confirm the criticality of AD-specific cybersecurity solutions. Gartner not only named…
“As a public safety entity, we seem to be a target for criminal activity,” said Micah Clark, Information Technology Director at Central Utah 911 and a user of Purple Knight, a free Active Directory security assessment tool from Semperis. “Making sure that our Active Directory is hardwired, that we don’t…
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
In his TROOPERS19 talk (“I’m in your cloud … reading everyone’s email”), Dirk-jan Mollema discussed an issue he discovered that enabled the use of SMTP matching (also called soft matching) to synchronize Active Directory (AD) users to Azure AD, with the goal of hijacking unsynchronized accounts. Jan stated that Microsoft…
Organizations are looking for cutting-edge technologies to facilitate increasing business demands. But as your organization grows, so does its attack surface. Understanding potential vulnerabilities—especially those related to Tier 0 identity assets like Active Directory—is important. To help spot such risks, many organizations turn to security information and event management (SIEM)…
Want to use the free Purple Knight tool to evaluate your Entra ID security posture? To run Purple Knight in your Entra ID environment, you need to create and update the app registration in Entra ID with a defined and consented set of application permissions for the Microsoft Graph. Semperis…