Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
The Colonial Pipeline cyberattack in May 2021 ranks as one of the top critical infrastructure attacks to date. At the time, Semperis Director of Services Sean Deuby predicted that the ransomware-as-a-service (RaaS) attack was an “implication of what is to come … open season on infrastructure providers.” One year later,…
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against cyberattacks targeting Active Directory, the Semperis Research Team offers this monthly roundup of recent attacks that used…
The FBI has released FBI Flash CU-000167-MW warning that BlackCat/ALPHV ransomware-as-a-service (RaaS) group has compromised at least 60 entities globally. As with the majority of cyberattacks, BlackCat/ALPHV’s end game is an Active Directory attack. Top on the FBI’s list of recommended mitigations is reviewing your Active Directory environment for unrecognized…
Hybrid computing environments will be the norm for the foreseeable future: According to a 2021 Gartner report, only 3% of mid-sized and large organizations will migrate completely from on-premises Active Directory (AD) to a cloud-based identity service by 2025. But IT leaders managing hybrid environments face an increasingly complex challenge:…
Cyberattacks targeting Active Directory (AD) are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used…
Note: Updated March 30, 2022 At a past Hybrid Identity Protection Conference, several of us spoke about the ongoing use of Active Directory as a subject of interest in malware attacks. Whether it’s mining AD for information about privileged access, compromising user accounts that lead to increasing levels of privilege…
In 2019, the Financial Conduct Authority (FCA) proposed changes to how institutions within the UK financial sector ensure operational resilience, particularly against the threat of cyberattacks. The FCA will start enforcing the guidance on March 31, 2022. All organizations regulated by the FCA will face audits to prove their compliance…