Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems, monitor and secure Active Directory, and follow robust security measures for credential and ticket protection are at a higher risk.…
Late last year, the United States National Security Agency's (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a list of the most common vulnerabilities in large computer networks. This list of CISA and NSA top ten cybersecurity misconfigurations reveals systemic weaknesses, particularly in (though not limited to) Microsoft Windows…
Each year, the total number of cyberattacks and cost of ransomware-related damage increases globally. Microsoft recently reported that attempted password attacks have soared “from around 3 billion per month to over 30 billion.” Clearly, a proactive approach to mitigating identity-based attacks is a good New Year’s resolution. To help you…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…
The holidays are a busy time for shoppers, retail businesses—and cybercriminals. The Cybersecurity and Infrastructure Security Agency (CISA) has previously noted “an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed” and has called holiday shopping seasons “a prime opportunity for bad actors to…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…
Within your IT infrastructure, Active Directory (AD) is the central hub for controlling access to resources and keeping your business operational. However, Active Directory’s importance to your organization puts it in the crosshairs of threat actors. If Active Directory is successfully breached, attackers can get their hands on privileged credentials…