Insights From Thought Leaders Around The Globe
The digital identities of modern enterprises exist in a dynamic environment. Read thought leadership from experts worldwide regarding the constantly changing global IT environment and insights for keeping up with growing demands, and securing against escalating threats and vulnerabilities.
In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a feature of the Mimikatz post-exploitation tool that attackers use to silently create backdoors in AD by injecting changes directly into the AD replication stream.) Limit testing to... Read More
In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a feature of the Mimikatz post-exploitation tool that attackers use to silently create … Read More
DCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in AD without anyone knowing. This allows the attacker to create backdoors all over AD that can’t be detected, even if … Read More
July 29, 2019 Update: With over 800,000 Windows systems still unpatched and vulnerable (as of July 2), concern over BlueKeep remains high, especially after a detailed guide on how to write an exploit was posted online last week. Other indications that the vulnerability is not going unnoticed include publication of an exploit and discovery of … Read More
Hi, This is part two of a blog that I had written earlier. The premise of part one was to better understand what are the options that companies face should their Active Directory be compromised. How can they get back up and running as quickly as possible? How can it be done with as many … Read More
Information protection consists of three pillars: confidentiality, integrity and availability. Hybrid Identity is no different; the three pillars still apply. However, availability is hard for Azure AD Connect. As a key link in the Hybrid Identity chain, it should be the focus, but not the only focus. High availability for Azure AD Connect explained About … Read More
If you’ve been following this blog, you know that about 2 and half years ago, I started talking about Group Policy’s precarious role in the typical enterprise’s security posture. Many, if not most, AD shops use GP to perform security hardening on their Windows desktops and servers. This includes everything from tweaking OS settings to … Read More
This is the story of one of the most successful delivery people in the industry……this story captures one of his greatest accomplishments in recent history The Setting: Inside the Loading Dock, at the back of the building of a Global Fortune 500 company (we’ll call it “Global, Inc”) Loading Dock Security: Can we help you? … Read More
We Can’t Do Anything About The Weather, But… When bad things happen, we can dramatically speed your time to recovery! This seems to be a common concern, and one that is front and center with Board Members and Senior Management. What do we do if we’ve lost all access to our systems and applications? … Read More
You know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets. But do you recall……. the most damaging attack of all?…. NotPetya the Russian Wiper, had a very nasty bite. And if you ever saw it, you would even say “Good Night!”. All of the other malware’s… used to laugh … Read More
Following a 10-year stint in virtualization technologies, I joined Semperis and dove into the world of Active Directory. Over the last three years, which included some of the most vicious malware attacks ever documented, I think I have finally come up to speed on this part of the IAM world. Here are a couple of … Read More
