Semperis Identity Attack Watch: February 2021

Identity Attack Watch Image

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. …

CISA’s Ransomware Guidance Is Reminder to Include AD in Recovery Plan

Offline File Storage

Any ransomware recovery plan needs to include regular file backups and encrypted data with offline copies, as the Cybersecurity and Infrastructure Security Agency (CISA) recently reminded as part of the organization’s campaign to drive awareness of its ransomware guidance and resources. The guidance includes best practices and checklists to help companies formulate their cyberattack response …

Top Security Risks to Watch for in Shifting to Hybrid Identity Management

Hybrid Identity Management

It’s easy to see why enterprises are gravitating toward a hybrid identity management model that promises the best of both worlds—a little bit in the cloud, and a little bit on-premises. In an Active Directory-centric environment, leveraging the cloud means integrating with Azure Active Directory.   Azure Active Directory (AAD), after all, is designed with …

Semperis Contributes to Two NIST Data Integrity Practice Guides

Technology Team

NIST recommends complementary solutions, much like a team of security superheroes   To succeed in protecting your company’s data against ransomware, you need to proceed as if you’re assembling a team of superheroes. Each team member has a singular power that individually appears limited. But together, they can conquer evil.  As the number of cyberattacks continues to soar, and attackers’ tactics become more …

Semperis Identity Attack Watch: January 2021

Identity Attack Watch Image

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware.   This month, the Semperis Research Team highlights an exploit that targeted the “AD of SAP,” …

Semperis Expert: SolarWinds Attack Highlights Need to Secure AD

The disclosure of the supply chain attack against SolarWinds in late 2020 was a wake-up call for federal agencies responsible for securing U.S. information assets—and for the security industry. As more details behind the attack come to light, one of the most significant revelations is that attackers used tried-and-true methods to gain initial access—through on-premises …