From the Front Lines
Categories
- Active Directory Backup & Recovery (56)
- Active Directory Security (180)
- AD Security 101 (15)
- Community Tools (17)
- Directory Modernization (9)
- From the Front Lines (67)
- Hybrid Identity Protection (60)
- Identity Attack Catalog (9)
- Identity Threat Detection & Response (121)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (13)
- Threat Research (47)
- Uncategorized (1)
Detecting and Mitigating the PetitPotam Attack on Windows Domains
- Ran Harel
- Aug 02, 2021
Update August 10, 2021: Microsoft released a patch that partially covers the initial PetitPotam authentication coercion through MS-EFSR. Fresh on the heels of PrintNightmare and SeriousSam, we now have another high-impact attack vector on Windows domains that is relatively easy to carry out and difficult to mitigate. What is now…
Identity Attack Watch: July 2021
- Semperis Research Team
- Jul 30, 2021
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
What You Need to Know about PrintNightmare, the Critical Windows Print Spooler Vulnerability
- Ran Harel
- Jul 06, 2021
Update July 6, 2021: Microsoft has released a patch for CVE 2021-34527, available here. Another week, another critical vulnerability. The latest critical security flaw is dubbed “PrintNightmare,” a reference to two vulnerabilities in the Windows Print Spooler service—CVE 2021-1675 and CVE 2021-34527, published between June and July 2021. CVE 2021-1675…
Identity Attack Watch: June 2021
- Semperis Research Team
- Jun 25, 2021
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
Semperis Directory Services Protector Wins 2021 Fortress Cyber Security Award
- Semperis Team
- Jun 15, 2021
Semperis was named a winner in the 2021 Fortress Cyber Security Awards (Incident Response category) for Directory Services Protector (DSP). The Fortress Awards identify and reward the world’s leading companies and products that are working to keep data and electronic assets safe among a growing threat from hackers. Semperis Directory Services…
Identity Attack Watch: May 2021
- Semperis Research Team
- May 28, 2021
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
Hafnium Attack Timeline
- Sean Deuby
- May 05, 2021
The attacks on Microsoft Exchange servers around the world by Chinese state-sponsored threat group Hafnium are believed to have affected over 21,000 organizations. The impact of these attacks is growing as the four zero-day vulnerabilities are getting picked up by new threat actors. While the world was introduced to these…
Leading CISOs Discuss Shifting Priorities Amidst Increased Security Threats
- Semperis Team
- Mar 01, 2021
What keeps CISOs up at night? And where should CISOs focus to bring value to the business? How should priorities shift given the proliferation of cyberattacks that threaten to disrupt businesses worldwide? To help cut through some of the noise, we partnered with Redmond Magazine to convene leading CISOs in a discussion…
