Threat Research
Categories
- Active Directory Backup & Recovery (56)
- Active Directory Security (162)
- AD Security 101 (10)
- Community Tools (16)
- Directory Modernization (9)
- From the Front Lines (65)
- Hybrid Identity Protection (52)
- Identity Threat Detection & Response (112)
- Our Mission: Be a Force for Good (14)
- Purple Knight (4)
- The CISO's Perspective (12)
- Threat Research (45)
- Uncategorized (1)
Using Purple Knight to Detect the Okta Super Admin Attack
- Yossi Rachman
- Sep 07, 2023
The recent increase in sophisticated cyberattacks highlights the vulnerabilities inherent in online platforms and identity management systems. To address the increased risk, Semperis recently expanded Purple Knight, its open-source, community-based vulnerability assessment tool, to encompass the Okta identity management platform. This strategic move is geared toward bolstering the security of…
Semperis Offers New Protection Against Okta Breaches
- Semperis Research Team
- Aug 30, 2023
In an ever-evolving digital landscape, organizations rely on robust identity protection solutions to safeguard sensitive data and maintain secure operations. For most enterprise businesses, that means protecting Active Directory and Entra ID (formerly Azure AD). But identity protection is just as vital for organizations that use Okta, a cloud-based identity…
Protecting Active Directory from Kerberoasting
- Daniel Petri
- Aug 25, 2023
Active Directory (AD) remains a crucial backbone for enterprise IT environments, centralizing authentication and authorization for users and computers. However, Active Directory’s importance—coupled with its age and the technical debt it often accrues—makes it a primary target for cyberattacks. One common attack technique, called Kerberoasting, exploits the Kerberos authentication protocol…
How to Prevent a Man-in-the-Middle Attack: AD Security 101
- Daniel Petri
- Jul 13, 2023
Man-in-the-middle attacks, also known as MitM attacks, are a form of eavesdropping. These attacks can pose a serious threat to organizations' network security, particularly in environments that use Microsoft Active Directory (AD) for identity management. What is a man-in-the-middle attack? In a man-in-the-middle attack, a malicious actor positions themselves between…
AD Security Research: Breaking Trust Transitivity
- Charlie Clark
- Mar 14, 2023
While playing with Kerberos tickets, I discovered an issue that allowed me to authenticate to other domains within an Active Directory (AD) forest across external non-transitive trusts. This means that there is in fact no such thing as a “non-transitive trust.” The term is at best misleading and offers systems…
Identity Attack Watch: AD Security News, February 2023
- Semperis Research Team
- Feb 28, 2023
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To help IT and identity security professionals understand and improve AD security, the Semperis Research Team publishes a monthly roundup of recent identity-related cyberattacks. This month's…
Identity Attack Watch: AD Security News, January 2023
- Semperis Research Team
- Jan 31, 2023
Cyberattacks targeting Active Directory are on the upswing, putting pressure on identity and Active Directory (AD) security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that…
Identity Attack Watch: December 2022
- Semperis Research Team
- Dec 30, 2022
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…
