From Sandworm to a Safer Tomorrow: Lessons from Hybrid Identity Protection 2020
Four days, 23 speakers and 1576 attendees later, the third annual Hybrid Identity Protection 2020 (HIP) conference has come to a close. And despite being all virtual for the first time, this year’s event was one of the most powerful to date. Day 1 – Crisis Management Just 24 hours ... Read More
The Weaponization of Active Directory: An Inside Look at Ransomware Attacks Ryuk, Maze, and SaveTheQueen
Like never before, Active Directory (AD) is in the attackers’ crosshairs. In this blog, we’ll examine how ransomware attacks are abusing AD and how enterprises can evolve their defensive strategies to stay ahead of attackers. First, a quick note about the recent privilege escalation vulnerability dubbed Zerologon, which allows an unauthenticated attacker with network access to ... Read More
Takeaways from Zerologon: The Latest Domain Controller Attack
If there was ever a time to re-examine the security of your Active Directory, it’s now. In response to rising concerns about the notorious Zerologon vulnerability (CVE-2020-1472), the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an “Emergency Directive” to federal agencies to apply Microsoft’s patch immediately. Enterprises would ... Read More
New survey reveals dangerous gaps in crisis management plans
When a storm hits, the one who is most prepared is the one who will weather it best. For IT, this storm is digital, a flurry of cyberattacks that routinely touches down on the shores of Microsoft Active Directory (AD). AD is a juicy target, and we all know why ... Read More
