Active Directory Security

Identity Attack Watch: June 2022

Identity Attack Watch: June 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

Top Tips for Protecting Active Directory

Top Tips for Protecting Active Directory

  • Darren Mar-Elia | VP of Products

Active Directory is one of the most important components of your network. Yet protecting Active Directory can be one of the most challenging tasks on your to-do list. The problem is that AD changes so often and on such a large scale that it’s effectively immune to ordinary change management.…

Achieving Operational Resilience with Simon Hodgkinson

Achieving Operational Resilience with Simon Hodgkinson

  • Sean Deuby | Principal Technologist

Does your cybersecurity plan take your organization's goals for operational resilience into account? In a recent episode of the Hybrid Identity Podcast (HIP), I spoke with Semperis strategic advisor, former bp CISO, and HIP London panel speaker Simon Hodgkinson. Simon is an expert in operational resilience and how it relates…

7 Active Directory Misconfigurations to Find and Fix—Now

7 Active Directory Misconfigurations to Find and Fix—Now

  • Orin Thomas

Exploiting Active Directory misconfigurations is a popular path for attackers. According to Microsoft, 95 million AD accounts are targeted every day. Attackers use Active Directory security vulnerabilities to gain privileged access and move through the compromised systems, harvesting valuable assets, installing malware, or planting ransomware, among other tactics. Protect your…

Identity Attack Watch: May 2022

Identity Attack Watch: May 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

Revisiting the Colonial Pipeline Cyberattack, One Year Later

Revisiting the Colonial Pipeline Cyberattack, One Year Later

  • Semperis Team

The Colonial Pipeline cyberattack in May 2021 ranks as one of the top critical infrastructure attacks to date. At the time, Semperis Director of Services Sean Deuby predicted that the ransomware-as-a-service (RaaS) attack was an “implication of what is to come … open season on infrastructure providers.” One year later,…

Identity Attack Watch: April 2022

Identity Attack Watch: April 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against cyberattacks targeting Active Directory, the Semperis Research Team offers this monthly roundup of recent attacks that used…

Combatting a BlackCat Ransomware Active Directory Attack

Combatting a BlackCat Ransomware Active Directory Attack

  • Semperis Team

The FBI has released FBI Flash CU-000167-MW warning that BlackCat/ALPHV ransomware-as-a-service (RaaS) group has compromised at least 60 entities globally. As with the majority of cyberattacks, BlackCat/ALPHV’s end game is an Active Directory attack. Top on the FBI’s list of recommended mitigations is reviewing your Active Directory environment for unrecognized…