Identity Attack Watch: July 2021

Identity Attack Watch Image

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. …

Applying the MITRE ATT&CK Framework to Your Active Directory

I recently had the pleasure of teaming up with Ran Harel, principal security product manager at Semperis for a webinar focused on making the MITRE ATT&CK Framework relevant and actionable for organizations seeking to ramp up their security. In the webinar we zeroed in on the most attacked target – Active Directory – and demonstrated …

Time to Leave ADFS Behind for Authenticating in Hybrid Environments?

One of the biggest challenges of adopting cloud services is extending identity policies from the on-premises environment into the cloud. In an Active Directory (AD) environment, it might be tempting to turn to Active Directory Federation Services (ADFS), which has long been the answer for providing single sign-on capabilities to allow users to authenticate and …

What You Need to Know about PrintNightmare, the Critical Windows Print Spooler Vulnerability

Update July 6, 2021: Microsoft has released a patch for CVE 2021-34527, available here. Another week, another critical vulnerability. The latest critical security flaw is dubbed “PrintNightmare,” a reference to two vulnerabilities in the Windows Print Spooler service—CVE 2021-1675 and CVE 2021-34527, published between June and July 2021. CVE 2021-1675 is a patched vulnerability that …