Active Directory
Attivo Networks Extends Microsoft Active Directory Protection
Attivo Networks today announced it has extended Active Directory protection by adding an ability to more efficiently detect identity-based attacks at the domain controller level from all endpoints. Carolyn Crandall, chief security ...
Enzoic Expands Automated Credentials Monitoring in Active Directory
Solution Now Continuously Screens for Both Unsafe Passwords and Compromised Full Credentials Reducing the Risk of a Cyberattack Boulder, CO – March 2, 2022 – Enzoic, a leading provider of compromised credential ...
Five Tips for Locking Down Password Security
Taking Action on Active Directory Active Directory (AD) is ubiquitous cross-industry and due to its popularity, cybercriminals have continually targeted it. Therefore, prioritizing safe passwords in AD is crucial. Here are five ...
Introducing the Golden GMSA Attack
This article introduces a new attack targeting Group Managed Service Accounts (gMSA), dubbed the “Golden GMSA” attack, allowing attackers to dump Key Distribution Service (KDS) root key attributes and then generate the ...
Defending Hybrid Identity Environments Against Cyberattacks
As the world continues to embrace digital transformation and distributed work, businesses will continue to deploy SaaS apps—while continuing to use on-premises tools. Hybrid ecosystems are becoming increasingly common as a result ...
Identity Attack Watch: February 2022
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard ...
SPN-jacking: An Edge Case in WriteSPN Abuse
Some people are a hammer in search of a nail, but I’m a hammer in search of Kerberos delegation. So, when I heard that a WriteSPN edge was introduced to BloodHound 4.1, ...
Introducing BloodHound 4.1 — The Three Headed Hound
Introducing BloodHound 4.1 — The Three Headed HoundPrior WorkAnalyzing Active Directory attack paths using graph theory is not a new concept. Prior work includes the following:Heat-ray by John Dunagan, Alice Zheng, and Daniel R. Simon (2009)Airbus ...
Semperis Chief Technologist Guido Grillenmeier Speaks at 18th German IT Security Congress
Guido Grillenmeier, Semperis Chief Technologist, will contribute a presentation, “Combating an ongoing attack on an identity system,” at the 18th German IT Security Congress, an event hosted by the German Federal Office ...
Identity Attack Watch: January 2022
Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard ...
