Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (61)
- Active Directory Security (210)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (66)
- Identity Attack Catalog (26)
- Identity Threat Detection & Response (141)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (1)
- The CISO's Perspective (16)
- Threat Research (68)
Semperis introduces tools to improve security resiliency of Windows Active Directory
- Byron Acohido
Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber…
How To Prepare For Cyberwar: It Starts With Identity
- Mickey Bresman
Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political…
Cyber Scenarios Expose Shortcomings of BMR
- Darren Mar-Elia | VP of Products
Ransomware and wiper attacks are causing organizations to re-evaluate their backup and recovery capabilities. An obvious concern is whether backups are safe – for example, are they offline where they can’t be encrypted or wiped. While this is a good first step, it’s just that. We also need to evaluate…
Why Most Organizations Still Can’t Defend against DCShadow
- Darren Mar-Elia | VP of Products
DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in AD without anyone knowing. This allows the attacker to create backdoors all over AD that…
NSA Sounds the Alarm on BlueKeep
- Darren Mar-Elia | VP of Products
July 29, 2019 Update: With over 800,000 Windows systems still unpatched and vulnerable (as of July 2), concern over BlueKeep remains high, especially after a detailed guide on how to write an exploit was posted online last week. Other indications that the vulnerability is not going unnoticed include publication of…
Your Active Directory was compromised, is it all lost? – Part 2
- David Lieberman
Hi, This is part two of a blog that I had written earlier. The premise of part one was to better understand what are the options that companies face should their Active Directory be compromised. How can they get back up and running as quickly as possible? How can it…
We Can’t Do Anything About The Weather, But…
- Steve Mackay
We Can't Do Anything About The Weather, But… When bad things happen, we can dramatically speed your time to recovery! This seems to be a common concern, and one that is front and center with Board Members and Senior Management. What do we do if we've lost all access to…
NotPetya, the Russian Wiper
- Steve Mackay
You know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets.But do you recall....... the most damaging attack of all?....NotPetya the Russian Wiper, had a very nasty bite.And if you ever saw it, you would even say “Good Night!”.All of the other malware’s... used to…
