Semperis

🚨 𝗨𝗻𝗰𝗼𝗻𝘀𝘁𝗿𝗮𝗶𝗻𝗲𝗱 𝗗𝗲𝗹𝗲𝗴𝗮𝘁𝗶𝗼𝗻: 𝗔 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗧𝗵𝗿𝗲𝗮𝘁 𝘁𝗼 𝗬𝗼𝘂𝗿 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 🚨 For those responsible for protecting critical assets, unconstrained delegation in Active Directory poses a significant risk. This vulnerability can enable attackers to impersonate users and gain unauthorized access to vital resources. Stay informed and proactive with our latest blog post. In this article, we cover: • The dangers of unconstrained delegation • Steps to defend against these attacks and secure your AD environment • Tools to monitor and mitigate risks, including 𝙋𝙪𝙧𝙥𝙡𝙚 𝙆𝙣𝙞𝙜𝙝𝙩 and 𝙎𝙚𝙢𝙥𝙚𝙧𝙞𝙨 𝘿𝙞𝙧𝙚𝙘𝙩𝙤𝙧𝙮 𝙎𝙚𝙧𝙫𝙞𝙘𝙚𝙨 𝙋𝙧𝙤𝙩𝙚𝙘𝙩𝙤𝙧 Don’t let unconstrained delegation pave the way for cyberattackers. Enhance your defenses now! 🔗 Read more: https://lnkd.in/g54f-_SJ

It was a packed room at BSides Limburg as Jorge de Almeida Pinto, Senior Incident Response Lead at Semperis, took the stage to share best practices for safeguarding Active Directory (AD) security—before and after an attack. Jorge walked attendees through real-world identity security risks, the importance of hybrid identity protection (AD & Entra ID), and how ITDR tools can help identify vulnerabilities before attackers do. He also highlighted the critical role of an AD Recovery Plan in maintaining operational resilience and tackled the challenges of reconnecting AD and Entra ID post-attack.

A new case study from Dragos sheds light on the challenges presented by the notorious Volt Typhoon threat group and its ability to remain undetected for 300 days in the network of a public utility. Semperis' Dan Lattimer spoke to IT Pro about why geopolitical factors will continue to heighten risks for operators in the CNI space and increase the likelihood of OT-related cyberattacks. He also shared some best-practice advice. You can read his interview here: https://lnkd.in/gBEEj3_4

𝗛𝘂𝗻𝗴𝗿𝘆 𝗳𝗼𝗿 𝗕𝗲𝘁𝘁𝗲𝗿 𝗕𝘂𝘀𝗶𝗻𝗲𝘀𝘀 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲? Happy Pie Day to—wait. 𝗧𝗵𝗲𝘀𝗲 𝗽𝗶𝗲𝘀 𝗮𝗿𝗲 𝘁𝗲𝗿𝗿𝗶𝗯𝗹𝗲! Don't risk the resilience of your operations by letting cyberattackers catch you unprepared for Active Directory recovery. AD-specific backups and a tested plan for automated, secure AD recovery are a delicious defense. This Pie Day, grab a fork and fill up on hybrid identity resilience expertise! https://lnkd.in/g4eiR_bG

Ne manquez pas cette série de trois webinars sur la cyber résilience et la protection de vos infrastructures #ActiveDirectory ! 🌐🔐 Inscrivez-vous dès maintenant ! #CyberSécurité

𝗦𝘁𝗿𝗲𝗻𝗴𝘁𝗵𝗲𝗻𝗶𝗻𝗴 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝗻 𝗙𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗦𝗲𝗿𝘃𝗶𝗰𝗲𝘀 SEC Regulation S-P requirements emphasize the importance of robust cybersecurity measures, including for Active Directory (AD). With AD being a prime target for cyberattacks, financial organizations must prioritize its protection and recovery capabilities. • Assess and test current AD disaster recovery plans: Regularly evaluate your AD disaster recovery plans to ensure they are up-to-date and effective. Conduct simulations and drills to test the response to potential AD compromises and identify any weaknesses in the plan. • Identify and address security gaps: Perform thorough security audits to uncover vulnerabilities within your AD infrastructure. (The free 𝙋𝙪𝙧𝙥𝙡𝙚 𝙆𝙣𝙞𝙜𝙝𝙩 tool can help.) Address these gaps by implementing best practices, such as enforcing strong password policies, enabling multi-factor authentication, and regularly updating and patching systems. • Implement automated recovery solutions: Utilize automated tools and solutions (like 𝙎𝙚𝙢𝙥𝙚𝙧𝙞𝙨 𝘼𝘿𝙁𝙍) to streamline the recovery process. These tools can help quickly restore AD functionality in the event of a compromise, minimizing downtime and reducing the impact on business operations. • Ensure a detailed, documented AD recovery plan: Develop a comprehensive recovery plan that outlines the steps to be taken in the event of an AD compromise. This plan should include clear roles and responsibilities, communication protocols, and detailed recovery procedures to ensure a swift and coordinated response. By focusing on these areas, organizations can better protect their identity infrastructure, meet regulatory requirements, and enhance overall cybersecurity resilience. #SECCompliance #FinancialServices #DisasterRecovery

Active Directory (AD) is still indispensable after 25 years, and Sean Deuby, Principal Technologist at Semperis, explained recently to The Stack why isn’t going anywhere anytime soon. The challenge is securing AD and Entra ID which is a prime target for attackers. Read The Stack's look back at 25 years of AD and Sean's advice here: https://lnkd.in/gmK5_w5P

𝗚𝗼𝗹𝗱𝗲𝗻 𝗧𝗶𝗰𝗸𝗲𝘁 𝗔𝘁𝘁𝗮𝗰𝗸𝘀: 𝗔 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗧𝗵𝗿𝗲𝗮𝘁 𝘁𝗼 𝗔𝗰𝘁𝗶𝘃𝗲 𝗗𝗶𝗿𝗲𝗰𝘁𝗼𝗿𝘆 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 Golden Ticket attacks are a powerful method used by cybercriminals to gain full control over an Active Directory environment. By compromising the KRBTGT account, attackers can forge Kerberos Ticket Granting Tickets (TGTs) and impersonate any user, granting them unrestricted access to domain resources. Why You Need to Know: • Unrestricted Access: Attackers can access any resource within the domain, posing a significant security risk. • Detection Challenges: These attacks can be difficult to detect due to the forged tickets appearing legitimate. • Defense Strategies: Implement a tiered administration model, reduce privileged accounts, and regularly reset the KRBTGT account password. Understanding how Golden Ticket attacks work is crucial for IT and cybersecurity professionals. Equip your team with the knowledge to detect and defend against these sophisticated threats. https://lnkd.in/dbH39vyB #CyberSecurity #GoldenTicket #Kerberos #ActiveDirectory

🔒 Conférence Forum INCYBER Europe (FIC) : « Pourquoi l’Identité est-elle toujours une priorité en 2025 ? » 📅 Le 2 avril de 15h à 15h45, Lille Grand-Palais, salle 3.7 💡En 2017 et suite à la généralisation des ransomware utilisant les failles liées à l’identité, ce sujet a pris une place importante dans les préoccupations des RSSI. Malgré le déploiement des solutions du type IAM, IGA et PAM, mais également la démocratisation de l’usage du modèle de tiering, l’identité reste toujours une priorité en 2025. Pourquoi une telle persistance, et quels sont les défis d’aujourd’hui ? 🔍 Cette conférence sera co-animée par Benoit Fuzeau, président du Clusif , et Matthieu Trivier 🛡️, Directeur avant-vente EMEA chez Semperis . Programme complet : https://lnkd.in/eaNiKwx6 #cybersécurité #résilience

Public sector IT & security teams: The deck is stacked against you. 🚨 ✅ Legacy systems that weren’t built for today’s cyber threats ✅ Remote infrastructure creating blind spots ✅ Siloed teams & outdated security practices ✅ Limited budgets stretching resources thin But cybercriminals don’t care about your constraints—they exploit them. That’s why public sector organizations trust Semperis to close identity security gaps. https://lnkd.in/giVnya_K