Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (204)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (64)
- Identity Attack Catalog (21)
- Identity Threat Detection & Response (136)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (63)
- Uncategorized (1)
Semperis Directory Services Protector Wins 2021 Fortress Cyber Security Award
- Semperis Team
Semperis was named a winner in the 2021 Fortress Cyber Security Awards (Incident Response category) for Directory Services Protector (DSP). The Fortress Awards identify and reward the world’s leading companies and products that are working to keep data and electronic assets safe among a growing threat from hackers. Semperis Directory Services…
Three Steps to Harden Your Active Directory in Light of Recent Attacks
- Brian Desmond
In a recent webinar I co-hosted with Semperis (the folks behind the Purple Knight security assessment tool), we focused on a key common denominator across recent high-profile attacks—Active Directory. In the session “How Attackers Exploit Active Directory: Lessons Learned from High-Profile Breaches,” Sean Deuby and Ran Harel from Semperis joined…
Identity Attack Watch: May 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
How to Defend Against Ransomware-as-a-Service Groups That Attack Active Directory
- Semperis Team
Concern about the Colonial Pipeline ransomware attack by DarkSide has expanded beyond the cybersecurity industry and into the consciousness of the everyday consumer—an indicator of the extensive implications the attack has on the global economy. In response, the Biden administration issued an executive order and held a press conference, and…
Hafnium Attack Timeline
- Sean Deuby | Principal Technologist
The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors. While the world was introduced to these…
How to Defend Against Active Directory Attacks That Leave No Trace
- Guido Grillenmeier
Cybercriminals are using new tactics and techniques to gain access to Active Directory in novel ways, making their attacks even more dangerous—and more necessary to detect. One of the most important parts of any cybersecurity strategy is detection. Having an ability to spot the bad guy entering, moving about, or worse—administering—your network is…
DnsAdmins Revisited
- Yuval Gordon
How Potential Attackers Can Achieve Privileged Persistence on a DC through DnsAdmins The Semperis Research Team recently expanded on previous research showing a feature abuse in the Windows Active Directory (AD) environment where users from the DnsAdmins group could load an arbitrary DLL into a DNS service running on a…
Leading CISOs Discuss Shifting Priorities Amidst Increased Security Threats
- Semperis Team
What keeps CISOs up at night? And where should CISOs focus to bring value to the business? How should priorities shift given the proliferation of cyberattacks that threaten to disrupt businesses worldwide? To help cut through some of the noise, we partnered with Redmond Magazine to convene leading CISOs in a discussion…
