From the Front Lines
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
The Weaponization of Active Directory: An Inside Look at Ransomware Attacks Ryuk, Maze, and SaveTheQueen
- Thomas Leduc
Like never before, Active Directory (AD) is in the attackers’ crosshairs. In this blog, we'll examine how ransomware attacks are abusing AD and how enterprises can evolve their defensive strategies to stay ahead of attackers. First, a quick note about the recent privilege escalation vulnerability dubbed Zerologon, which allows an unauthenticated attacker with network access to…
New survey reveals dangerous gaps in crisis management plans
- Thomas Leduc
When a storm hits, the one who is most prepared is the one who will weather it best. For IT, this storm is digital, a flurry of cyberattacks that routinely touches down on the shores of Microsoft Active Directory (AD). AD is a juicy target, and we all know why.…
Cyber Scenarios Expose Shortcomings of BMR
- Darren Mar-Elia | VP of Products
Ransomware and wiper attacks are causing organizations to re-evaluate their backup and recovery capabilities. An obvious concern is whether backups are safe – for example, are they offline where they can’t be encrypted or wiped. While this is a good first step, it’s just that. We also need to evaluate…
NSA Sounds the Alarm on BlueKeep
- Darren Mar-Elia | VP of Products
July 29, 2019 Update: With over 800,000 Windows systems still unpatched and vulnerable (as of July 2), concern over BlueKeep remains high, especially after a detailed guide on how to write an exploit was posted online last week. Other indications that the vulnerability is not going unnoticed include publication of…
Microsoft upends traditional password recommendations with significant new guidance
- Sean Deuby | Principal Technologist
Based on research gleaned from literally billions of login attempts to its Azure cloud service, Microsoft updates its password recommendations - and throws out several long-held industry best practices. Microsoft has recently published a white paper, "Microsoft Password Guidance" that explains their new password guidance, based on the massive amount…
