Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
Pass the Hash Attack Defense: AD Security 101
- Daniel Petri | Senior Training Manager
Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a user’s password hash. The attack is difficult to detect and can lead to privilege escalation and serious damage to your…
NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 2)
- Daniel Petri | Senior Training Manager
When it comes to cybersecurity—especially the security of critical identity infrastructure—the minimum expectation for every organization should be closing known vulnerabilities and configuration gaps. Welcome to the second of our three-part discussion of how the CISA and NSA top ten cybersecurity misconfigurations list applies to hybrid Active Directory environments and…
How to Defend Against Golden Ticket Attacks: AD Security 101
- Daniel Petri | Senior Training Manager
Golden Ticket attacks are particularly cunning. Like Kerberoasting, Golden Ticket attacks exploit the Kerberos authentication system and are one of the most severe threats to Active Directory environments. Here’s more information about this type of attack and how you can defend your Active Directory environment. What is a Golden Ticket…
Top 3 Identity-Based Attack Trends to Watch in 2024
- Semperis
Each year, the total number of cyberattacks and cost of ransomware-related damage increases globally. Microsoft recently reported that attempted password attacks have soared “from around 3 billion per month to over 30 billion.” Clearly, a proactive approach to mitigating identity-based attacks is a good New Year’s resolution. To help you…
Holiday Cybersecurity Tips
- Sean Deuby | Principal Technologist
The holidays are a busy time for shoppers, retail businesses—and cybercriminals. The Cybersecurity and Infrastructure Security Agency (CISA) has previously noted “an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed” and has called holiday shopping seasons “a prime opportunity for bad actors to…
How to Defend Against MFA Fatigue Attacks: AD Security 101
- Daniel Petri | Senior Training Manager
An MFA fatigue attack—also known as MFA bombing—is an attack tactic, technique, and procedure (TTP) in which a threat actor floods users with multifactor authentication (MFA) requests. By overwhelming, confusing, or distracting the user into approving a fraudulent request, attackers hope to gain access to your network environment. Microsoft recently…
Semperis Offers New Protection Against Okta Breaches
- Semperis Research Team
In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and Entra ID (formerly Azure AD). But identity protection is just as vital for organizations that use Okta, a cloud-based identity…
How to Protect Active Directory Against Kerberoasting: AD Security 101
- Daniel Petri | Senior Training Manager
Active Directory (AD) remains a crucial backbone for enterprise IT environments, centralizing authentication and authorization for users and computers. However, Active Directory’s importance—coupled with its age and the technical debt it often accrues—makes it a primary target for cyberattacks. One common attack technique, called Kerberoasting, exploits the Kerberos authentication protocol…
