by Darrenlux23dWoldVent | Jan 20, 2025 | Semperis
Unless you avoid cybersecurity news, you know that Active Directory (AD)—the primary identity system for 90% of organizations worldwide—is now the #1 target for cyberattackers. AD controls authentication and access to applications and services across the organization....
by Darrenlux23dWoldVent | Jan 18, 2025 | Semperis
LDAPNightmare, recently published by SafeBreach Labs, is a proof-of-concept exploit of a known Windows Lightweight Directory Access Protocol (LDAP) denial-of-service vulnerability (CVE-2024-49113). What is LDAPNightmare, how dangerous is this exploit, and how can you...
by | Dec 24, 2024 | Semperis
For organizations of any size, managing hybrid identity security across on-premises and cloud environments can be challenging, and Purple Knight has long been trusted to expose risky misconfigurations. Lightning Intelligence, a SaaS security posture assessment,...
by | Dec 23, 2024 | Semperis
CISOs in the financial sector have another new regulatory challenge to contend with. Earlier this year, the U.S. Securities and Exchange Commission (SEC) adopted new cybersecurity incident response and disclosure rules, demanding new approaches to disaster recovery...
by | Nov 21, 2024 | Semperis
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC). This flaw is known as Zerologon—a vulnerability that can give...
by | Oct 29, 2024 | Semperis
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Broad cybersecurity support encompasses a wide variety of obligations, ranging from compliance documentation to user training. But the most challenging—and essential—aspect of Microsoft...
