Active Directory Security

How To Prepare For Cyberwar: It Starts With Identity

  • Mickey Bresman

Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political…

Upgrading to WS2016/2019? Consider a Safety Net for AD

  • Sean Deuby | Principal Technologist

A colleague here at Semperis recently looped me into a conversation with the manager of a large Active Directory environment running on Windows Server 2008 R2. With end of support for Windows Server 2008 and 2008 R2 coming up soon (officially January 14, 2020), planning is well underway for upgrade…

Toughen Up Your AD

  • Edward Amoroso

Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern identity management. And yet, surprisingly, the word identity does not appear even once in the entire RFC. (The word directory shows up…

Why Most Organizations Still Can’t Defend Against DCShadow – Part 2

  • Darren Mar-Elia | VP of Products

In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a feature of the Mimikatz post-exploitation tool that…

Why Most Organizations Still Can’t Defend against DCShadow

  • Darren Mar-Elia | VP of Products

DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in AD without anyone knowing. This allows the attacker to create backdoors all over AD that…

Group Policy Security – Tinkering with External Paths

  • Darren Mar-Elia | VP of Products

If you’ve been following this blog, you know that about 2 and a half years ago, I started talking about Group Policy’s precarious role in the typical enterprise’s security posture. Many, if not most, AD shops use GP to perform security hardening on their Windows desktops and servers. This includes everything…

NotPetya, the Russian Wiper

  • Steve Mackay

You know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets. But do you recall... the most damaging attack of all? NotPetya the Russian Wiper, had a very nasty bite. And if you ever saw it, you would even say “Good Night!” All of the other malware’s... used to…

Your Active Directory was compromised, is it all lost?

  • David Lieberman

Following a 10-year stint in virtualization technologies, I joined Semperis and dove into the world of Active Directory. Over the last three years, which included some of the most vicious malware attacks ever documented, I think I have finally come up to speed on this part of the IAM world.…