by | Feb 18, 2024 | Semperis
The most recent Microsoft Digital Defense Report notes that nearly half of all Microsoft Incident Response engagements encountered insecure Active Directory configurations. Mandiant has previously reported that 9 of 10 cyberattacks exploit Active Directory. These...
by | Feb 7, 2024 | Semperis
Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes it more difficult for attackers to compromise your network....
by | Feb 5, 2024 | Semperis
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the...
by | Feb 1, 2024 | Semperis
The NTLM relay attack poses a significant threat to organizations that use Active Directory. This attack exploits the NT LAN Manager (NTLM) authentication protocol, a challenge-response mechanism used in Windows networks for user authentication. NTLM relay attacks are...
by | Jan 28, 2024 | Semperis
Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system for most organizations: a critical part of your...
by | Jan 23, 2024 | Semperis
Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a user’s password hash. The attack is difficult to detect and can lead to privilege...
