Identity Threat Detection & Response

Zerologon Exploit Explained
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC) ...

Password Spraying Detection in Active Directory
Password spraying detection is a vital ability for all organizations. In a password spraying attack, the attacker attempts to gain unauthorized access by trying a few common or weak passwords...

The 5 Pillars for DORA Compliance in Active Directory
The Digital Operational Resilience Act (DORA) is an incoming European Union (EU) legislative framework aimed at fortifying the operational resilience of digital systems within the financial sector. All finance entities...

A New App Consent Attack: Hidden Consent Grant
Key findings: Within Microsoft Azure, the Directory.ReadWrite.All permission holds significant implications. This permission enables a multitude of actions, including user editing and access to all data within the directory. Sound...

UnOAuthorized: Privilege Elevation Through Microsoft Applications
This article details a series of Semperis security research team discoveries that resulted in the ability to perform actions in Entra ID beyond expected authorization controls, based on analysis of...

Hello, My Name Is Domain Admin
My friends know I’m a movie buff. Being also a mixed martial enthusiast, one of my all-time favorites is Fight Club, based on Chuck Palahniuk’s first novel. The story is...

Strengthening Incident Response with Forest Druid
Forest Druid is a free attack path discovery tool for hybrid identity environments, such as Active Directory and Entra ID. Unlike traditional tools that map attack paths from the external...

New Ransomware Statistics Reveal Increased Need for Active Directory Security and Resilience
By now, we’re all familiar with the need for an “assume breach” mindset where ransomware and other cyber threats are concerned. To better understand the necessity and challenges of this...

The Importance of Tiered Delegation and ACL Management
Active Directory (AD) plays a critical role as the primary identity provider for numerous organizations throughout the world, forming the backbone of access control and authentication systems. However, its central...

DORA Compliance and ITDR
Organizations in the financial services sector have less than a year to demonstrate DORA compliance. What is DORA, does it apply to your organisation, and how does DORA compliance intersect...