As cyberattacks targeting Active Directory continue to rise, AD security, identity, and IT teams face mounting pressure to monitor the evolving AD-focused threat landscape. To assist IT professionals in comprehending and preventing attacks that involve AD, the Semperis Research Team publishes a monthly roundup of recent cyberattacks. In this month’s roundup, Black Basta targets ABB and German manufacturer Rheinmetall AG, LockBit claims an attack on MCNA Dental, and BlackCat/ALPHV compromises Constellation Software.

Black Basta targets ABB and German manufacturer Rheinmetall AG 

Ransomware group Black Basta claimed an attack on multinational technology company ABB that targeted the company’s Active Directory system, disrupting devices and exfiltrating customer data. Black Basta also targeted German arms and automotive manufacturer Rheinmetall AG.   

Read more

LockBit claims attack on MCNA Dental

Nearly 9 million patients’ data was compromised in a cyberattack on Managed Care of North America (MCNA) Dental. The attack was claimed by LockBit ransomware group, whose tactics include exploiting Active Directory Group Policy.

Read more

ALPHV/BlackCat group targets Canadian software company Constellation

Ransomware gang ALPHV (aka BlackCat) claimed an attack on Canada-based Constellation Software that extracted personal information and business data.

Read more

More resources

Semperis Recovery for Azure AD: Protecting Critical Resources – Semperis

AD Security 101: Domain Controller Security – Semperis

Would Your Organization Fail an Identity Assessment? | Semperis

The post Identity Attack Watch: AD Security News, May 2023 appeared first on Semperis.