As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s round-up of identity-related attacks, LockBit targets a German hospital group, Clop’s MOVEit breach snares Delta Dental, and BlackCat/ALPHV mounts attacks on Norton Healthcare and HTC Global Services.
LockBit targets German hospital group
Ransomware gang LockBit, whose tactics include compromising Active Directory (AD), claimed responsibility for an attack on German hospital group Katholische Hospitalvereinigung Ostwestfalen (KHO).
MOVEit breach claims Delta Dental
The MOVEit file transfer software claimed by Clop ransomware group hit Delta Dental of California, compromising personal data of about 7 million customers.
Norton Healthcare discloses data breach claimed by BlackCat/ALPHV
Kentucky-based Norton Healthcare group confirmed a ransomware attack earlier this year that compromised personal data of patients, employees, and dependents. The attack was claimed by BlackCat/ALPHV, which targets AD as one of its tactics.
BlackCat/ALPHV hits HTC Global Services
IT services company HTC Global Services suffered a ransomware attack by BlackCat/ALPHV that leaked data including passport information and confidential documents.
More resources
A Swift Ransomware Response is the Path to Business Resiliency – Semperis
How to Defend Against MFA Fatigue Attacks: Semperis AD 101
Using Purple Knight to Detect the Okta Super Admin Attack – Semperis
The post Identity Attack Watch: AD Security News, December 2023 appeared first on Semperis.