Active Directory Security

Semperis Identity Attack Watch: January 2021

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. This month, the Semperis Research Team highlights an exploit…

Semperis Expert: SolarWinds Attack Highlights Need to Secure AD

  • Semperis Team

The disclosure of the supply chain attack against SolarWinds in late 2020 was a wake-up call for federal agencies responsible for securing U.S. information assets—and for the security industry. As more details behind the attack come to light, one of the most significant revelations is that attackers used tried-and-true methods…

Moving on from Active Directory Red Forest

  • Darren Mar-Elia | VP of Products

As far back as 2012, Microsoft released the first version of its important “Mitigating Pass-the-Hash and Credential Theft” whitepapers. In this first version, Microsoft defined the problem of lateral movement and privilege escalation within a Windows Active Directory on-premises environment and included best practices for mitigating these kinds of attacks at the time. Two years later, Microsoft released version 2…

Semperis CEO Calls on Security Leaders to Defend Active Directory

  • Semperis Team

It might seem like Active Directory is just another service that needs to be recovered in the wake of a cyberattack. But the reality is, AD is a keystone. If it’s compromised, so is your entire environment. Nearly half (47%) of organizations use Active Directory as their primary identity store. 51% use it…

Hybrid Identity Protection (HIP) Predictions for 2021

  • Thomas Leduc

2020 was a hugely disruptive year across the globe. And while cybersecurity may have been background noise to a world tuned to health and financial issues, widespread cyberattacks have left reverberations that will be felt for years to come. We asked expert speakers from the recent Hybrid Identity Protection (HIP) Conference to share a brief look back at what happened in 2020 and what they're focusing on in the year ahead as…

NotPetya Flashback: The Latest Supply-Chain Attack Puts Active Directory at Risk of Compromise

  • Chris Roberts

Last week, news broke that a sophisticated adversary penetrated FireEye's network and stole the company's Red Team assessment tools. The attack is reportedly linked to a larger supply-chain assault that struck government, consulting, technology, and telecom organizations throughout North America, Europe, Asia, and the Middle East. To get an idea of what this stolen toolset…

Egregor Ransomware Attack on Kmart is a Reminder that Active Directory Needs to Be Protected and Recoverable

  • Darren Mar-Elia | VP of Products

The latest ransomware-as-a-service attack leaves the well-known retailer, Kmart, with service outages and a compromised Active Directory. In the wake of Maze ransomware "retiring" last month, many of its affiliates have moved to the new kid on the ransomware block, Egregor. Named after an occult term meaning the collective energy or force…

The Stakes Are Higher in Healthcare: Fighting Cybercrime During a Pandemic

  • Gil Kirkpatrick

In the healthcare industry, cybersecurity issues have consequences that go well beyond the loss of data. Recently, the FBI and other federal agencies warned of a credible threat of "increased and imminent cybercrime" to U.S. hospitals and healthcare providers. Criminal groups target the healthcare sector to carry out "data theft…