Registration Open: Hybrid Identity Protection Conference in New Orleans, November 13-14
Back to blogs listing

Threat Research

Categories

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
Identity Attack Watch: AD Security News, January 2023

Identity Attack Watch: AD Security News, January 2023

  • Semperis Research Team
  • Jan 31, 2023

Cyberattacks targeting Active Directory are on the upswing, putting pressure on identity and Active Directory (AD) security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that…

Identity Attack Watch: December 2022

Identity Attack Watch: December 2022

  • Semperis Research Team
  • Dec 30, 2022

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

Identity Attack Watch: November 2022

Identity Attack Watch: November 2022

  • Semperis Research Team
  • Nov 30, 2022

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

SyncJacking: Hard Matching Vulnerability Enables Entra ID Account Takeover

SyncJacking: Hard Matching Vulnerability Enables Entra ID Account Takeover

  • Tomer Nahum
  • Nov 18, 2022

This post describes an abuse of hard matching synchronization in Entra Connect that can lead to Entra ID account takeover. These findings build on the research that Semperis published in August, which described abuse of soft matching (also known as SMTP matching). This SyncJacking vulnerability means that an attacker with…

Identity Attack Watch: October 2022

Identity Attack Watch: October 2022

  • Semperis Research Team
  • Oct 31, 2022

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…

SYSVOL: Preventing a Horror Story

SYSVOL: Preventing a Horror Story

  • Tammy Mindel
  • Oct 20, 2022

October is Cybersecurity Awareness Month, and an excellent time to bust the ghosts of configurations past. One of the actions that the Cybersecurity & Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCA) recommend taking is “Update your software.” A perfect place to start: Rid your domains of the outdated…

The Growing Threat of Ransomware as a Service

The Growing Threat of Ransomware as a Service

  • Sean Deuby
  • Oct 04, 2022

Ransomware attacks have reportedly declined this year. But don’t start celebrating just yet. “Gang models are evolving,” notes my colleague, Alexandra (Alix) Weaver, Semperis Solutions Architect. “I caution everyone: Do not let your guard down.” Part of the changing trend, Alix says, might be attributed to an increase in the…

Identity Attack Watch: September 2022

Identity Attack Watch: September 2022

  • Semperis Research Team
  • Sep 30, 2022

Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD…