Active Directory Security
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (207)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (64)
- Identity Attack Catalog (24)
- Identity Threat Detection & Response (139)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (66)
- Uncategorized (1)
Hafnium Attack Timeline
- Sean Deuby | Principal Technologist
The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors. While the world was introduced to these…
Identity Attack Watch: April 2021
- Semperis Research Team
Cyberattacks targeting Active Directory (AD) are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. In this April roundup, the Semperis Research Team highlights identity-related cyberattacks,…
Active Directory Experts Have a Future in Security
- Gil Kirkpatrick
Between the growth of cloud applications and a changing threat landscape, the world of a Microsoft Active Directory (AD) professional has changed significantly over the last 20-plus years. As in any other area of IT, the drive and curiosity to level up one’s skills to keep pace with evolving technologies…
How to Defend Against Active Directory Attacks That Leave No Trace
- Guido Grillenmeier
Cybercriminals are using new tactics and techniques to gain access to Active Directory in novel ways, making their attacks even more dangerous—and more necessary to detect. One of the most important parts of any cybersecurity strategy is detection. Having an ability to spot the bad guy entering, moving about, or worse—administering—your network is…
Identity Attack Watch: March 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used identity…
Do You Know Your Active Directory Security Vulnerabilities?
- Sean Deuby | Principal Technologist
Microsoft Active Directory security involves dealing with a mixed bag of risks, ranging from management mistakes to unpatched vulnerabilities. We often write about the fact that cyber-attackers are targeting AD to elevate privileges and gain persistence in the organization. Investigate a typical data breach, and you’ll find that stolen credentials…
DnsAdmins Revisited
- Yuval Gordon
How Potential Attackers Can Achieve Privileged Persistence on a DC through DnsAdmins The Semperis Research Team recently expanded on previous research showing a feature abuse in the Windows Active Directory (AD) environment where users from the DnsAdmins group could load an arbitrary DLL into a DNS service running on a…
Semperis Identity Attack Watch: February 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
