Active Directory Security
Categories
- Active Directory Backup & Recovery (63)
- Active Directory Security (217)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (68)
- Identity Attack Catalog (30)
- Identity Threat Detection & Response (144)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (2)
- The CISO's Perspective (16)
- Threat Research (68)
DnsAdmins Revisited
- Yuval Gordon
How Potential Attackers Can Achieve Privileged Persistence on a DC through DnsAdmins The Semperis Research Team recently expanded on previous research showing a feature abuse in the Windows Active Directory (AD) environment where users from the DnsAdmins group could load an arbitrary DLL into a DNS service running on a…
Semperis Identity Attack Watch: February 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
Top Security Risks to Watch for in Shifting to Hybrid Identity Management
- Doug Davis
It's easy to see why enterprises are gravitating toward a hybrid identity management model that promises the best of both worlds—a little bit in the cloud, and a little bit on-premises. In an Active Directory-centric environment, leveraging the cloud means integrating with Azure Active Directory. Azure Active Directory (AAD),…
Semperis Contributes to Two NIST Data Integrity Practice Guides
- Michele Crockett
NIST recommends complementary solutions, much like a team of security superheroes To succeed in protecting your company’s data against ransomware, you need to proceed as if you’re assembling a team of superheroes. Each team member has a singular power that individually appears limited. But together, they can conquer evil. As the number of cyberattacks…
Semperis Identity Attack Watch: January 2021
- Semperis Research Team
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. This month, the Semperis Research Team highlights an exploit…
Semperis Expert: SolarWinds Attack Highlights Need to Secure AD
- Semperis Team
The disclosure of the supply chain attack against SolarWinds in late 2020 was a wake-up call for federal agencies responsible for securing U.S. information assets—and for the security industry. As more details behind the attack come to light, one of the most significant revelations is that attackers used tried-and-true methods…
Moving on from Active Directory Red Forest
- Darren Mar-Elia | VP of Products
As far back as 2012, Microsoft released the first version of its important “Mitigating Pass-the-Hash and Credential Theft” whitepapers. In this first version, Microsoft defined the problem of lateral movement and privilege escalation within a Windows Active Directory on-premises environment and included best practices for mitigating these kinds of attacks at the time. Two years later, Microsoft released version 2…
Semperis CEO Calls on Security Leaders to Defend Active Directory
- Semperis Team
It might seem like Active Directory is just another service that needs to be recovered in the wake of a cyberattack. But the reality is, AD is a keystone. If it’s compromised, so is your entire environment. Nearly half (47%) of organizations use Active Directory as their primary identity store. 51% use it…
