[Updated February 21, 2024; originally published December 14, 2017] Active Directory is the most critical identity system for most enterprises. The problem is that in the two-plus decades since Active…
Cyberattacks on business systems—including hybrid identity systems—continue to make headlines, including recent breaches targeting healthcare company Henry Schein and hospitality conglomerate MGM Resorts. Apart from these well-publicized attacks, the Semperis…
The cybersecurity challenges in the government and education space are nothing new. Such challenges soared with COVID and continue today. Unfortunately, the cyber defense of mission-critical government and education services…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending…
LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending…
LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially…
Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a…
Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems,…
Our latest Purple Knight (PK) v4.2 release introduces fundamental changes, particularly concerning the new scoring calculation. Changing from a broader approach that considered all indicators, we’ve now zeroed in on…
In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and…
An unmanaged Active Directory (AD) can have a profound impact on your operations, leading to downtime and increasing your vulnerability to network security threats. AD monitoring can provide insights you…
Enterprise organizations with legacy Active Directory (AD) environments have a security problem. Their AD infrastructure has likely degraded over time and now harbors multiple security vulnerabilities because of inefficient architecture,…
Active Directory (AD) migration projects can be challenging and complex. Such projects involve the migration of users, groups, computers, and applications from one AD domain or forest to another. Careful…
Active Directory (AD) is the core identity store for many organizations. As such, AD has also become a major target for bad actors. If attackers gain access to AD, they…
Another day, another installment in the LockBit saga. The latest development in the never-ending story of cyber-criminal gangs versus law enforcement agencies is nearly worthy of its own TV series….
[Updated February 21, 2024; originally published December 14, 2017] Active Directory is the most critical identity system for most enterprises. The problem is that in the two-plus decades since Active…
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending…
Key findings Golden SAML is a known attack technique discovered by CyberArk and published by Shaked Reiner. For years, Golden SAML has been known for its extraction of signing certificates…
In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need…
Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes…
LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially…
In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need…
The NTLM relay attack poses a significant threat to organizations that use Active Directory. This attack exploits the NT LAN Manager (NTLM) authentication protocol, a challenge-response mechanism used in Windows…
LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially…
[Updated February 14, 2024; originally published November 29, 2021] The number and scope of confusing and risky security settings in Active Directory are becoming better known with every new cyberattack….
Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system…
This month marked two milestones for Semperis. First, Deloitte recognized the company as one of the 100 fastest growing technology companies in North America and (for the third consecutive year)…
On behalf of the entire team, I’m excited to share that Semperis has been named to Inc.’s 2022 list of Best Workplaces. This annual list honors workplaces that are ranked…
You won’t want to miss the newest episode of the Hybrid Identity Podcast (HIP)! In this session, I have the pleasure of talking with IDPro founder and Salesforce Senior VP…
Our latest Purple Knight (PK) v4.2 release introduces fundamental changes, particularly concerning the new scoring calculation. Changing from a broader approach that considered all indicators, we’ve now zeroed in on…
In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and…
A man-in-the-middle attack, also known as an MitM attack, is a form of eavesdropping in an attempt to steal sensitive data, such as user credentials. These attacks can pose a…
Each year, the total number of cyberattacks and cost of ransomware-related damage increases globally. Microsoft recently reported that attempted password attacks have soared “from around 3 billion per month to…
Just as the impact of cyberattacks is not confined to the IT department, the role of the CISO has expanded beyond the security team. With organizations and analysts now acknowledging…
How do you begin to build a strong Identity Threat Detection and Response (ITDR) strategy? It begins with an understanding of your unique identity environment, says Maarten Goet, Director for…
Key findings Golden SAML is a known attack technique discovered by CyberArk and published by Shaked Reiner. For years, Golden SAML has been known for its extraction of signing certificates…
Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems,…
The recent increase in sophisticated cyberattacks highlights the vulnerabilities inherent in online platforms and identity management systems. To address the increased risk, Semperis recently expanded Purple Knight, its open-source, community-based…
In Active Directory (AD) environments, you can use Group Policy Objects (GPOs) to configure user rights. By using GPOs, you can easily enforce consistent user rights policies across all computers…
Stay informed. Get the latest news and resources on identity threat detection and response (ITDR), hybrid Active Directory (AD) security, and cyber resilience, brought to you by Semperis experts.