As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s round-up of identity-related attacks, LockBit targets a German hospital group, Clop’s MOVEit breach snares Delta Dental, and BlackCat/ALPHV mounts attacks on Norton Healthcare and HTC Global Services.

LockBit targets German hospital group

Ransomware gang LockBit, whose tactics include compromising Active Directory (AD), claimed responsibility for an attack on German hospital group Katholische Hospitalvereinigung Ostwestfalen (KHO).

Read more

MOVEit breach claims Delta Dental

The MOVEit file transfer software claimed by Clop ransomware group hit Delta Dental of California, compromising personal data of about 7 million customers.

Read more

Norton Healthcare discloses data breach claimed by BlackCat/ALPHV

Kentucky-based Norton Healthcare group confirmed a ransomware attack earlier this year that compromised personal data of patients, employees, and dependents. The attack was claimed by BlackCat/ALPHV, which targets AD as one of its tactics.

Read more

BlackCat/ALPHV hits HTC Global Services

IT services company HTC Global Services suffered a ransomware attack by BlackCat/ALPHV that leaked data including passport information and confidential documents.

Read more

More resources

A Swift Ransomware Response is the Path to Business Resiliency – Semperis

How to Defend Against MFA Fatigue Attacks: Semperis AD 101

Using Purple Knight to Detect the Okta Super Admin Attack – Semperis

The post Identity Attack Watch: AD Security News, December 2023 appeared first on Semperis.