Active Directory Security

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 3)

  • Daniel Petri
  • Jan 23, 2024

Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system for most organizations: a critical part of your infrastructure, and a prime target for cyberattackers. This week, I’ll discuss the…

Pass the Hash Attack Defense: AD Security 101

Pass the Hash Attack Defense: AD Security 101

  • Daniel Petri
  • Jan 18, 2024

Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a user’s password hash. The attack is difficult to detect and can lead to privilege escalation and serious damage to your…

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 2)

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective (Part 2)

  • Daniel Petri
  • Jan 17, 2024

When it comes to cybersecurity—especially the security of critical identity infrastructure—the minimum expectation for every organization should be closing known vulnerabilities and configuration gaps. Welcome to the second of our three-part discussion of how the CISA and NSA top ten cybersecurity misconfigurations list applies to hybrid Active Directory environments and…

How to Defend Against a Pass the Ticket Attack: AD Security 101

How to Defend Against a Pass the Ticket Attack: AD Security 101

  • Daniel Petri
  • Jan 11, 2024

Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems, monitor and secure Active Directory, and follow robust security measures for credential and ticket protection are at a higher risk.…

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective

NSA Top Ten Cybersecurity Misconfigurations: An Active Directory Perspective

  • Daniel Petri
  • Jan 09, 2024

Late last year, the United States National Security Agency's (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a list of the most common vulnerabilities in large computer networks. This list of CISA and NSA top ten cybersecurity misconfigurations reveals systemic weaknesses, particularly in (though not limited to) Microsoft Windows…

Top 3 Identity-Based Attack Trends to Watch in 2024

Top 3 Identity-Based Attack Trends to Watch in 2024

  • Semperis
  • Jan 02, 2024

Each year, the total number of cyberattacks and cost of ransomware-related damage increases globally. Microsoft recently reported that attempted password attacks have soared “from around 3 billion per month to over 30 billion.” Clearly, a proactive approach to mitigating identity-based attacks is a good New Year’s resolution. To help you…

Identity Attack Watch: AD Security News, December 2023

Identity Attack Watch: AD Security News, December 2023

  • Semperis Research Team
  • Dec 31, 2023

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

Holiday Cybersecurity Tips

Holiday Cybersecurity Tips

  • Sean Deuby
  • Dec 19, 2023

The holidays are a busy time for shoppers, retail businesses—and cybercriminals. The Cybersecurity and Infrastructure Security Agency (CISA) has previously noted “an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are normally closed” and has called holiday shopping seasons “a prime opportunity for bad actors to…