Active Directory Security

Vulnerabilities in Active Directory: The CISO’s Achilles Heel

  • Darren Mar-Elia
  • Aug 06, 2020

Understanding how compromises occur is a fundamental part of forming a cybersecurity defense. With that in mind, I recently joined Andy Robbins, co-creator of the open source attack path discovery tool, BloodHound, for a webinar that outlined how attackers target Active Directory (AD). During the presentation, we spotlighted an uncomfortable truth: the center of enterprise identity services…

Why I’m Hanging Out With the Semperis Crew

  • Chris Roberts
  • Jul 28, 2020

Let's start with a little history lesson... Back in 2014, there were a series of articles calling for the dismantling and death of Active Directory (AD) for various reasons. Fast forward to 2018, and we made calls for its demise, or simply that companies should take their AD servers, throw…

Understanding Group Policy Privilege Escalation in CVE-2020-1317

  • Darren Mar-Elia
  • Jul 14, 2020

Last month, Microsoft released an advisory for CVE-2020-1317 which describes a privilege escalation vulnerability in Group Policy. This was further detailed by the discoverer of the vulnerability on the CyberArk website. The nature of this issue is interesting and worth understanding. For years, Group Policy has had this dichotomy built into its…

The Dos and Don’ts of AD Recovery

  • Gil Kirkpatrick
  • Jun 30, 2020

Last month I was able to catch up with my long-time friend Guido Grillenmeier, who is currently Chief Technologist at DXC Technology. In 2007-2008, Guido and I worked together, developing and delivering the “Active Directory Masters of Disaster” disaster recovery workshops at the Directory Experts Conference. It was, at the…

Take Back the Keys to Your Kingdom with the Latest Release of Semperis Directory Services Protector

  • Darren Mar-Elia
  • Jun 23, 2020

Active Directory is foundational to everything you do and the #1 new target for attackers. Since it wasn’t originally built with today’s threats in mind, Active Directory is riddled with inherent soft spots and risky configurations that attackers are readily taking advantage of. We, here at Semperis, are excited to announce a new release of Directory Services Protector (DS Protector) and the powerful features it includes to detect dangerous vulnerabilities, intercept…

Your Zero Trust Strategy Depends on Active Directory Integrity

  • Sean Deuby
  • May 11, 2020

The exponential increase in remote work caused by the COVID-19 crisis has ricocheted across the IT landscape. Within a matter of days, corporate IT faced an unprecedented 180-degree turn in its client networking model. Organizations that treated remote work as a rare exception suddenly found themselves almost entirely remote. According to JPMorgan, Zoom usage is up more than 300% since before the crisis. Microsoft reports a Teams usage increase of 200% since…

Semperis introduces tools to improve security resiliency of Windows Active Directory

  • Byron Acohido
  • Apr 16, 2020

Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber…

How To Prepare For Cyberwar: It Starts With Identity

  • Mickey Bresman
  • Mar 24, 2020

Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political…