Active Directory Security

Purple Knight Proves Essential for Securing AD at Southern Utah University

Purple Knight Proves Essential for Securing AD at Southern Utah University

  • Semperis Team

Legacy Active Directory (AD) environments are often hotbeds of cybersecurity vulnerabilities because of misconfigurations that have accumulated over time. In education organizations, the challenges of securing AD are compounded by the constant onboarding and offboarding of students and faculty. Uncovering unknown vulnerabilities in the AD environment he inherited was a…

Securing Hybrid Identity

Securing Hybrid Identity

  • Guido Grillenmeier

Identity is the new security perimeter. Any breach in this perimeter can enable malicious users to gain access to your apps, your data, and your business operations. For organizations that rely on Azure Active Directory or a hybrid environment of Azure AD and on-prem Active Directory to provide identity services,…

CVE-2022-26923: Know Your AD Vulnerability

CVE-2022-26923: Know Your AD Vulnerability

  • Semperis Research Team

On May 10, 2022, a vulnerability within Active Directory (AD) and Active Directory Certificate Services (AD CS) was disclosed and patched. This AD vulnerability can lead to privilege escalation. In default installations of AD CS, a low-privileged user can exploit the vulnerability by requesting an authentication certificate and then using…

Identity Attack Watch: July 2022

Identity Attack Watch: July 2022

  • Semperis Research Team

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

Hybrid Identity Protection with Dr. Nestori Synnimaa

Hybrid Identity Protection with Dr. Nestori Synnimaa

  • Sean Deuby | Principal Technologist

“Every component in your on-prem environment that is part of a hybrid [Active Directory] configuration needs to be treated as a Tier 0 server, so they need to be protected as well as your domain controllers,” explains Dr. Nestori Synnimaa, AADInternals creator and Sr Principal Security Researcher at Secureworks Counter…

How Cybersecurity Is Evolving from EDR to XDR to ITDR

How Cybersecurity Is Evolving from EDR to XDR to ITDR

  • Sean Deuby | Principal Technologist

As businesses embrace hybrid work and digitization, endpoint, and identity are moving perpetually closer. Both professions are evolving, and to make the most of this evolution, people on both sides will need to cross the aisle. In a recent episode of the Hybrid Identity Protection podcast, I discuss this evolution…

Purple Knight Introduces Entra ID (formerly Azure AD) Security Indicators

Purple Knight Introduces Entra ID (formerly Azure AD) Security Indicators

  • Tammy Mindel

Purple Knight, the free Active Directory (AD) security assessment tool downloaded by 10,000-plus users, now enables you to identify and address security gaps across your hybrid identity environment. That's right: The latest release of Purple Knight introduces Entra ID security indicators. The ability to address security gaps across both on-prem…

A Diamond Ticket in the Ruff

A Diamond Ticket in the Ruff

  • Charlie Clark

[Editor’s note: This blog was co-authored by Andrew Schwartz at TrustedSec.] One day, while browsing YouTube, we came across a Black Hat 2015 presentation by Tal Be’ery and Michael Cherny. In their talk and subsequent brief, Watching the Watchdog: Protecting Kerberos Authentication with Network Monitoring, Be’ery and Cherny outlined something…