by | Feb 26, 2024 | Semperis
[Updated February 21, 2024; originally published December 14, 2017] Active Directory is the most critical identity system for most enterprises. The problem is that in the two-plus decades since Active Directory was released, the enterprise security landscape has...
by | Feb 20, 2024 | Semperis
[Updated February 14, 2024; originally published November 29, 2021] The number and scope of confusing and risky security settings in Active Directory are becoming better known with every new cyberattack. Many of these vulnerabilities can be attributed to risky...
by | Feb 18, 2024 | Semperis
In the constantly evolving landscape of cyber threats, the Overpass the Hash attack is a potent vector. Leveraging the NTLM authentication protocol, this attack enables adversaries to bypass the need for plaintext passwords. Instead, an Overpass the Hash attack...
by | Feb 18, 2024 | Semperis
The most recent Microsoft Digital Defense Report notes that nearly half of all Microsoft Incident Response engagements encountered insecure Active Directory configurations. Mandiant has previously reported that 9 of 10 cyberattacks exploit Active Directory. These...
by | Feb 7, 2024 | Semperis
Modern information security is built on a layered defense. Each layer supports the others and presents additional obstacles to threat actors. From patch management to perimeter firewalls, each layer makes it more difficult for attackers to compromise your network....
by | Feb 5, 2024 | Semperis
As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the...
