Threat Research

How to Defend Against a Password Spraying Attack

How to Defend Against a Password Spraying Attack

  • Daniel Petri | Senior Training Manager

Active Directory remains a critical infrastructure component for managing network resources, login credentials, and user authentication. Yet its centrality makes it a prime target for cyberattacks. One such evolving cyberattack is password spraying, a threat that's gained in complexity in recent years. Password spraying attacks stand out due to their…

Identity Attack Watch: AD Security News, May 2024

Identity Attack Watch: AD Security News, May 2024

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks and provides additional…

How to Defend Against SID History Injection

How to Defend Against SID History Injection

  • Daniel Petri | Senior Training Manager

Security Identifier (SID) History injection is a sophisticated cyberattack vector that targets Windows Active Directory environments. This attack exploits the SID History attribute, which is intended to maintain user access rights during migrations from one domain to another. By injecting malicious SID values into this attribute, an attacker can escalate…

Identity Attack Watch: AD Security News, April 2024

Identity Attack Watch: AD Security News, April 2024

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks and provides additional…

Identity Attack Watch: AD Security News, March 2024

Identity Attack Watch: AD Security News, March 2024

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

LDAP Injection Attack Defense: AD Security 101

LDAP Injection Attack Defense: AD Security 101

  • Daniel Petri | Senior Training Manager

LDAP injection represents a formidable cyberattack vector, targeting the authentication and authorization mechanisms within your Active Directory environment. By exploiting improper input validation, attackers can manipulate LDAP statements and potentially gain unauthorized access to your directory service. Semperis cybersecurity and identity security experts have a deep understanding of LDAP injection,…

Identity Attack Watch: AD Security News, February 2024

Identity Attack Watch: AD Security News, February 2024

  • Semperis Research Team

As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s…

Meet Silver SAML: Golden SAML in the Cloud

Meet Silver SAML: Golden SAML in the Cloud

  • Tomer Nahum and Eric Woodruff

Key findings Golden SAML, an attack technique that exploits the SAML single sign-on protocol, was used as a post-breach exploit, compounding the devastating SolarWinds attack of 2020—one of the largest breaches of the 21st century. The supply chain SolarWinds attack affected thousands of organizations around the world, including the U.S.…