Semperis Blog

May 11, 2020 (May 13, 2020) | Sean Deuby

Your Zero Trust Strategy Depends on Active Directory Integrity

The exponential increase in remote work caused by the COVID-19 crisis has ricocheted across the IT landscape. Within a matter of days, corporate IT faced an unprecedented 180-degree turn in its client networking model. Organizations that treated remote work as a rare exception suddenly found themselves almost entirely remote. According to JPMorgan, Zoom usage is up more than 300% since before the crises. Microsoft reports a Teams usage increase of 200% since March 16th. As companies grapple … Read More

April 16, 2020 (May 12, 2020) | Byron Acohido

Semperis introduces tools to improve security resiliency of Windows Active Directory

Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber crimes ever get reported to … Read More

March 24, 2020 (May 12, 2020) | Mickey Bresman

How To Prepare For Cyberwar: It Starts With Identity

Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political events and verbal threats. Anyone in … Read More

March 18, 2020 (April 21, 2020) | Betsy Bender

Semperis COVID-19 Update

Last Update March 18, 2020 This post provides information about steps Semperis is taking in response to the COVID-19 crisis. These actions are designed to ensure uninterrupted service to our customers while protecting the health and welfare of our team members and the communities where we live and work. We would also like to take … Read More

March 4, 2020 (March 18, 2020) | Sean Deuby

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Most organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervisor snapshots (a point-in-time VM image) for AD backups. Don’t. Let’s be clear: even though Microsoft supports hypervisor snapshot restores since Windows Server 2012 – i.e. they won’t break AD as they could in previous OS versions – they’re still not recommendedi. And they’re especially not recommended for forest disaster recovery scenarios. … Read More

November 22, 2019 (March 4, 2020) | Sean Deuby

Upgrading to WS2016/2019? Consider a Safety Net for AD

A colleague here at Semperis recently looped me into a conversation with the manager of a large Active Directory environment running on Windows Server 2008 R2. With end of support for Windows Server 2008 and 2008 R2 coming up soon (officially January 14, 2020), planning is well underway for upgrade of the company’s forest and … Read More

October 31, 2019 (November 22, 2019) | Darren Mar-Elia

Cyber Scenarios Expose Shortcomings of BMR

Ransomware and wiper attacks are causing organizations to re-evaluate their backup and recovery capabilities. An obvious concern is whether backups are safe – for example, are they offline where they can’t be encrypted or wiped. While this is a good first step, it’s just that. We also need to evaluate whether the backup and recovery … Read More

October 18, 2019 (October 31, 2019) | Edward Amoroso

Toughen Up Your AD

Request for Comments (RFC) 1823 from August 1995 introduced the Lightweight Directory Access Protocol (LDAP) Application Programming Interface (API). One could argue that this important work served as the foundation for modern identity management. And yet, surprisingly, the word identity does not appear even once in the entire RFC. (The word directory shows up fourteen times and the word access appears … Read More

August 26, 2019 (December 13, 2019) | Darren Mar-Elia

Why Most Organizations Still Can’t Defend Against DCShadow – Part 2

In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a feature of the Mimikatz post-exploitation tool that attackers use to silently create … Read More

July 16, 2019 (August 28, 2019) | Darren Mar-Elia

Why Most Organizations Still Can’t Defend against DCShadow

DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in AD without anyone knowing. This allows the attacker to create backdoors all over AD that can’t be detected, even if … Read More

Your Zero Trust Strategy Depends on Active Directory Integrity

Your Zero Trust Strategy Depends on Active Directory Integrity

Semperis introduces tools to improve security resiliency of Windows Active Directory

How To Prepare For Cyberwar: It Starts With Identity

Semperis COVID-19 Update

Hypervisor DC Snapshots Are No Substitute for Proper Active Directory Backups

Upgrading to WS2016/2019? Consider a Safety Net for AD

Cyber Scenarios Expose Shortcomings of BMR

Toughen Up Your AD

Why Most Organizations Still Can’t Defend Against DCShadow – Part 2

Why Most Organizations Still Can’t Defend against DCShadow

Featured WhitePaper

Picking the right type of solution for active directory backup

Featured Webinar

How to Defend Against Password Spray Attacks.

Latest Tweets