by | Apr 19, 2022 | Semperis
In a webinar I co-hosted with Semperis (the folks behind the Purple Knight security assessment tool), we focused on a key common denominator across recent high-profile attacks: Active Directory. In the session “How Attackers Exploit Active Directory: Lessons Learned...
by | Mar 31, 2022 | Semperis
Cyberattacks targeting Active Directory (AD) are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis...
by | Mar 30, 2022 | Semperis
Note: Updated March 30, 2022 At a past Hybrid Identity Protection Conference, several of us spoke about the ongoing use of Active Directory as a subject of interest in malware attacks. Whether it’s mining AD for information about privileged access, compromising user...
by | Mar 22, 2022 | Semperis
In 2019, the Financial Conduct Authority (FCA) proposed changes to how institutions within the UK financial sector ensure operational resilience, particularly against the threat of cyberattacks. The FCA will start enforcing the guidance on March 31, 2022. All...
by | Mar 1, 2022 | Semperis
This article introduces a new attack targeting Group Managed Service Accounts (gMSA), dubbed the “Golden GMSA” attack, allowing attackers to dump Key Distribution Service (KDS) root key attributes and then generate the password for all the associated gMSAs offline. ...
by | Feb 28, 2022 | Semperis
As the world continues to embrace digital transformation and distributed work, businesses will continue to deploy SaaS apps—while continuing to use on-premises tools. Hybrid ecosystems are becoming increasingly common as a result. Unfortunately, current identity and...
