Active Directory Security

Semperis Chief Technologist Guido Grillenmeier Speaks at 18th German IT Security Congress

Semperis Chief Technologist Guido Grillenmeier Speaks at 18th German IT Security Congress

  • Oliver Keizers

Guido Grillenmeier, Semperis Chief Technologist, will contribute a presentation, "Combating an ongoing attack on an identity system," at the 18th German IT Security Congress, an event hosted by the German Federal Office for Information Security. The 18th German IT Security Congress is a high-profile event over two days with rigorously…

Identity Attack Watch: January 2022

Identity Attack Watch: January 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

EMA Report: Unknown Vulnerabilities Emerge as Top Active Directory Security Concern

EMA Report: Unknown Vulnerabilities Emerge as Top Active Directory Security Concern

  • Michele Crockett

Unknown vulnerabilities are the top Active Directory security concern of IT security practitioners, according to a new report from Enterprise Management Associates (EMA). Known but unaddressed AD vulnerabilities fall closely behind. Most concerning risks to overall security posture cited by survey respondents were: Native Microsoft security flaws Social engineering attacks,…

Unconstrained Delegation in Active Directory

Unconstrained Delegation in Active Directory

  • Gil Kirkpatrick

As is often the case with Active Directory, some of the worst security gaps are caused by misconfigurations that leave open doors for potential cyber threats. One common setting that cybercriminals love to exploit is unconstrained delegation. What is unconstrained delegation, and why is unconstrained delegation a security risk? Delegation…

Identity Attack Watch: December 2021

Identity Attack Watch: December 2021

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

3 Steps to Mitigating Two Recent Active Directory Domain Service Privilege Escalation Security Flaws

3 Steps to Mitigating Two Recent Active Directory Domain Service Privilege Escalation Security Flaws

  • Elad Shamir

After releasing security patches for two Active Directory vulnerabilities during the November 2021 Patch Tuesday, Microsoft urged customers on December 20 to apply the patches immediately to prevent attackers from taking over Windows domains. In addition to patching, organizations can increase their defenses against attacks by executing a couple of…

6 Take-Aways from HIP Global Conference 2021

6 Take-Aways from HIP Global Conference 2021

  • Michele Crockett

The chat boxes were on fire and Twitter was buzzing during the recent Hybrid Identity Protection Conference 2021, where the identity and security community gathered to grapple with current-day challenges and prepare for the future of identity. The online conference held Dec. 1-2 drew a mix of identity and access…

Identity Attack Watch: November 2021

Identity Attack Watch: November 2021

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…