Active Directory Security

Simplify Active Directory Permissions Handling with Delegation Manager

Simplify Active Directory Permissions Handling with Delegation Manager

  • Darren Mar-Elia
  • Jun 17, 2024

One of the most tedious—but important—Active Directory administration tasks is assigning permissions to various people in the organization so they can access the objects and properties they need to do their work. The problem is that AD has a granular security model that can be cumbersome to manage, and failing to…

Identity Attack Watch: AD Security News, May 2024

Identity Attack Watch: AD Security News, May 2024

  • Semperis Research Team
  • May 31, 2024

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks and provides additional…

New Forrester TEI Report: Semperis Slashes Downtime by 90%, Saving Customers Millions

New Forrester TEI Report: Semperis Slashes Downtime by 90%, Saving Customers Millions

  • Sean Deuby | Principal Technologist
  • May 20, 2024

How long could your organization go without access to applications and services because of an identity-related cyberattack? That’s the question we often ask security and IT ops leaders when we’re discussing the importance of protecting Active Directory and Entra ID from threat actors. The question seems hypothetical because it assumes…

How to Defend Against SID History Injection

How to Defend Against SID History Injection

  • Daniel Petri
  • May 03, 2024

Security Identifier (SID) History injection is a sophisticated cyberattack vector that targets Windows Active Directory environments. This attack exploits the SID History attribute, which is intended to maintain user access rights during migrations from one domain to another. By injecting malicious SID values into this attribute, an attacker can escalate…

Identity Attack Watch: AD Security News, April 2024

Identity Attack Watch: AD Security News, April 2024

  • Semperis Research Team
  • May 01, 2024

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks and provides additional…

Introducing Lightning Identity Runtime Protection: ML-Powered Detection of the Most Successful Identity Attack Patterns

Introducing Lightning Identity Runtime Protection: ML-Powered Detection of the Most Successful Identity Attack Patterns

  • Eitan Bloch | Semperis Product Manager
  • Apr 30, 2024

Many cyberattacks go undetected until the damage is done, despite organizations’ efforts to prevent them. And many successful identity attacks use the same tried-and-true techniques that have worked for years, such as password spray and brute force attacks. Microsoft estimates that password spray attacks are responsible for more than a third…

Identity Attack Watch: AD Security News, March 2024

Identity Attack Watch: AD Security News, March 2024

  • Semperis Research Team
  • Mar 29, 2024

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

LDAP Injection Attack Defense: AD Security 101

LDAP Injection Attack Defense: AD Security 101

  • Daniel Petri
  • Mar 06, 2024

LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially gain unauthorized access to your directory service. Semperis cybersecurity and identity security experts have a deep understanding of LDAP injection,…