As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s roundup, Black Basta targets ABB and German manufacturer Rheinmetall AG, LockBit claims an attack on MCNA Dental, and BlackCat/ALPHV compromises Constellation Software.
Black Basta targets ABB and German manufacturer Rheinmetall AG
Ransomware group Black Basta claimed an attack on multinational technology company ABB that targeted the company’s Active Directory system, disrupting devices and exfiltrating customer data. Black Basta also targeted German arms and automotive manufacturer Rheinmetall AG.
LockBit claims attack on MCNA Dental
Nearly 9 million patients’ data was compromised in a cyberattack on Managed Care of North America (MCNA) Dental. The attack was claimed by LockBit ransomware group, whose tactics include exploiting Active Directory Group Policy.
ALPHV/BlackCat group targets Canadian software company Constellation
Ransomware gang ALPHV (aka BlackCat) claimed an attack on Canada-based Constellation Software that extracted personal information and business data.
More resources
Semperis Recovery for Azure AD: Protecting Critical Resources – Semperis
AD Security 101: Domain Controller Security – Semperis
Would Your Organization Fail an Identity Assessment? | Semperis
The post Identity Attack Watch: AD Security News, May 2023 appeared first on Semperis.