Identity Attack Watch: March 2021

Identity Attack Watch Image

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used identity system breaches to introduce or …

Do You Know Your Active Directory Security Vulnerabilities?

Active Directory Security Vulnerabilities

Securing Microsoft Active Directory (AD) involves dealing with a mixed bag of risks, ranging from management mistakes to unpatched vulnerabilities. We often write about the fact that cyber-attackers are targeting AD to elevate privileges and gain persistence in the organization. Investigate a typical data breach, and you’ll find that stolen credentials likely were used—sometimes for …

DnsAdmins Revisited

How Potential Attackers Can Achieve Privileged Persistence on a DC through DnsAdmins   The Semperis Research Team recently expanded on previous research showing a feature abuse in the Windows Active Directory (AD) environment where users from the DnsAdmins group could load an arbitrary DLL into a DNS service running on a Domain Controller. Yuval Gordon …

Leading CISOs Discuss Shifting Priorities Amidst Increased Security Threats

What keeps CISOs up at night? And where should CISOs focus to bring value to the business? How should priorities shift given the proliferation of cyberattacks that threaten to disrupt businesses worldwide? To help cut through some of the noise, we partnered with Redmond Magazine to convene leading CISOs in a discussion about the most critical aspects …