by | Nov 21, 2024 | Semperis
In a Zerologon exploit, an attacker with access to a network takes advantage of a critical flaw in the Netlogon Remote Protocol (MS-NRPC) to impersonate any computer, including a domain controller (DC). This flaw is known as Zerologon—a vulnerability that can give...
by | Oct 29, 2024 | Semperis
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Broad cybersecurity support encompasses a wide variety of obligations, ranging from compliance documentation to user training. But the most challenging—and essential—aspect of Microsoft...
by | Oct 24, 2024 | Semperis
[Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.] Any observer of public sector cybersecurity will recognize the serious challenges in information technology (IT) protections for U.S. public sector agencies over the past few decades....
by | Oct 17, 2024 | Semperis
A recent report from the cybersecurity agencies in the Five Eyes alliance, including CISA and the NSA, urges organizations to strengthen the security of their Microsoft Active Directory (AD) deployments—a prime target for cyber attackers. The report describes dozens...
by | Oct 16, 2024 | Semperis
Cybersecurity agencies from the Five Eyes alliance, including CISA and the NSA, are urging organizations to strengthen security around Microsoft Active Directory (AD), a prime target for cyberattackers. The alliance’s recent report highlights more than a dozen tactics...
by | Sep 23, 2024 | Semperis
Password spraying detection is a vital ability for all organizations. In a password spraying attack, the attacker attempts to gain unauthorized access by trying a few common or weak passwords across many accounts rather than targeting a single account with many...