Identity Threat Detection & Response
Categories
- Active Directory Backup & Recovery (64)
- Active Directory Security (222)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (68)
- Identity Attack Catalog (31)
- Identity Threat Detection & Response (147)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (4)
- The CISO's Perspective (16)
- Threat Research (68)
The Stakes Are Higher in Healthcare: Fighting Cybercrime During a Pandemic
- Gil Kirkpatrick
In the healthcare industry, cybersecurity issues have consequences that go well beyond the loss of data. Recently, the FBI and other federal agencies warned of a credible threat of "increased and imminent cybercrime" to U.S. hospitals and healthcare providers. Criminal groups target the healthcare sector to carry out "data theft…
From Sandworm to a Safer Tomorrow: Lessons from Hybrid Identity Protection 2020
- Thomas Leduc
Four days, 23 speakers and 1576 attendees later, the third annual Hybrid Identity Protection 2020 (HIP) conference has come to a close. And despite being all virtual for the first time, this year’s event was one of the most powerful to date. Day 1 – Crisis Management Just 24 hours…
The Weaponization of Active Directory: An Inside Look at Ransomware Attacks Ryuk, Maze, and SaveTheQueen
- Thomas Leduc
Like never before, Active Directory (AD) is in the attackers’ crosshairs. In this blog, we'll examine how ransomware attacks are abusing AD and how enterprises can evolve their defensive strategies to stay ahead of attackers. First, a quick note about the recent privilege escalation vulnerability dubbed Zerologon, which allows an unauthenticated attacker with network access to…
Takeaways from Zerologon: The Latest Domain Controller Attack
- Thomas Leduc
If there was ever a time to re-examine the security of your Active Directory, it’s now. In response to rising concerns about the notorious Zerologon vulnerability (CVE-2020-1472), the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an "Emergency Directive" to federal agencies to apply Microsoft's patch immediately. Enterprises would…
New survey reveals dangerous gaps in crisis management plans
- Thomas Leduc
When a storm hits, the one who is most prepared is the one who will weather it best. For IT, this storm is digital, a flurry of cyberattacks that routinely touches down on the shores of Microsoft Active Directory (AD). AD is a juicy target, and we all know why.…
Take Back the Keys to Your Kingdom with the Latest Release of Semperis Directory Services Protector
- Darren Mar-Elia | VP of Products
Active Directory is foundational to everything you do and the #1 new target for attackers. Since it wasn’t originally built with today’s threats in mind, Active Directory is riddled with inherent soft spots and risky configurations that attackers are readily taking advantage of. We, here at Semperis, are excited to announce a new release of Directory Services Protector (DS Protector) and the powerful features it includes to detect dangerous vulnerabilities, intercept…
Semperis introduces tools to improve security resiliency of Windows Active Directory
- Byron Acohido
Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber…
How To Prepare For Cyberwar: It Starts With Identity
- Mickey Bresman
Cyberattacks are rapidly evolving in sophistication and scale. The line between the digital and the physical realm has become more blurred. Foreign cyberattackers have used destructive malware to erase data from hard drives and made moves to infiltrate industrial systems. They could make equally damaging moves in the future, given recent political…
