Active Directory Security
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
How to Defend Against Golden Ticket Attacks on Active Directory
- Sean Deuby | Principal Technologist
In the 1964 Roald Dahl novel Charlie & the Chocolate Factory, the enigmatic Willy Wonka hides five Golden Tickets among his factory’s chocolate candy bars. Those who find the tickets win the honor of behind-the-scenes access to his company’s facility. In the digital world, Golden Tickets also provide access, but…
Why 86% of Organizations Are Increasing Their Investment in Active Directory Security
- Michele Crockett
New EMA Research Highlights the Rise of Active Directory Exploits Active Directory is getting a lot of buzz in business and tech news outlets lately—but not in a good way. AD continues to be a prime target for cybercriminals: Just a few recent examples include AD-related attacks on Sinclair Broadcast…
HIP Conference 2021: Practical AD Security Fixes for Today and Identity Protection Trends for Tomorrow
- Michele Crockett
Against a backdrop of surging cyberattacks and stepped-up measures by governments to address cybercrime, the award-winning 2021 Hybrid Identity Protection Conference, a virtual event on Dec. 1-2, will deliver visionary perspectives on identity protection in the future as well as practical tips for securing identity systems—particularly Active Directory—today. Finding and…
Identity Attack Watch: October 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
How Attackers Can Use Active Directory Primary Group Membership for Defense Evasion
- Yuval Gordon
Identity systems—particularly Active Directory, which is the primary identity store for most businesses—are constantly under attack by cybercriminals because they are the gateway to an organization’s critical information systems, including valuable customer data. Here we'll explore a little-known Discretionary Access Control List (DACL) tactic that attackers can use to hide…
Identity Attack Watch: August 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
Now’s the Time to Rethink Active Directory Security
- Guido Grillenmeier
Note: This article was first published in the July 2021 issue of the monthly newsletter Network Security, and appears here with the permission of the publisher. Winding back the clock 21 years to the turn of the millennium would be astrange experience, given the world we live in today. Even…
Detecting and Mitigating the PetitPotam Attack on Windows Domains
- Ran Harel
Update August 10, 2021: Microsoft released a patch that partially covers the initial PetitPotam authentication coercion through MS-EFSR. Fresh on the heels of PrintNightmare and SeriousSam, we now have another high-impact attack vector on Windows domains that is relatively easy to carry out and difficult to mitigate. What is now…
