Identity Threat Detection & Response

How to Defend Against MFA Fatigue Attacks: AD Security 101

  • Daniel Petri
  • Dec 05, 2023

An MFA fatigue attack—also known as MFA bombing—is an attack tactic, technique, and procedure (TTP) in which a threat actor floods users with multifactor authentication (MFA) requests. By overwhelming, confusing, or distracting the user into approving a fraudulent request, attackers hope to gain access to your network environment. Microsoft recently…

Semperis Offers New Protection Against Okta Breaches

  • Semperis Research Team
  • Aug 30, 2023

In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and Entra ID (formerly Azure AD). But identity protection is just as vital for organizations that use Okta, a cloud-based identity…

How to Protect Active Directory Against Kerberoasting: AD Security 101

  • Daniel Petri
  • Aug 25, 2023

Active Directory (AD) remains a crucial backbone for enterprise IT environments, centralizing authentication and authorization for users and computers. However, Active Directory’s importance—coupled with its age and the technical debt it often accrues—makes it a primary target for cyberattacks. One common attack technique, called Kerberoasting, exploits the Kerberos authentication protocol…

How to Prevent a Man-in-the-Middle Attack: AD Security 101

  • Daniel Petri
  • Jul 13, 2023

A man-in-the-middle attack, also known as an MitM attack, is a form of eavesdropping in an attempt to steal sensitive data, such as user credentials. These attacks can pose a serious threat to organizations' network security, particularly in environments that use Microsoft Active Directory (AD) for identity management. As Active…

AD Security 101: Securing Primary Group IDs

  • Daniel Petri
  • Jul 05, 2023

Welcome to AD Security 101, a series that covers the basics of Active Directory (AD) security. This week, we look at primary group IDs and how unnecessary changes to them can complicate account management. Attackers can also exploit primary group IDs to introduce security risks, including privilege escalation, and to…

Resource-Based Constrained Delegation: AD Security 101

  • Daniel Petri
  • Jun 23, 2023

Resource-based constrained delegation (RBCD) is an Active Directory (AD) security feature that enables administrators to delegate permissions in order to manage resources more securely and with greater control. Introduced in Windows Server 2012 R2 as an enhancement to the traditional Kerberos constrained delegation (KCD), RBCD can help to reduce the…

AD Security 101: Domain Controller Security

  • Daniel Petri
  • May 05, 2023

For organizations that use Active Directory (AD), securing domain controllers (DCs) is an essential part of AD security. DCs are critical components of the IT infrastructure. These servers hold sensitive and security-related data, including user account information, authentication credentials, and Group Policy objects (GPOs). Naturally, then, DC security is an…

Identity Attack Watch: AD Security News, April 2023

  • Semperis Research Team
  • Apr 28, 2023

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…