by | Jan 31, 2024 | Semperis
The NTLM relay attack poses a significant threat to organizations that use Active Directory. This attack exploits the NT LAN Manager (NTLM) authentication protocol, a challenge-response mechanism used in Windows networks for user authentication. NTLM relay attacks are...
by | Jan 28, 2024 | Semperis
Welcome to the final installment of this series discussing CISA and NSA top ten cybersecurity misconfigurations in the context of hybrid Active Directory environments. Active Directory is the identity system for most organizations: a critical part of your...
by | Jan 23, 2024 | Semperis
Many Active Directory attacks begin with a stolen password. However, a Pass the Hash attack takes a different approach. In this example of credential theft, threat actors instead steal a user’s password hash. The attack is difficult to detect and can lead to privilege...
by | Jan 22, 2024 | Semperis
When it comes to cybersecurity—especially the security of critical identity infrastructure—the minimum expectation for every organization should be closing known vulnerabilities and configuration gaps. Welcome to the second of our three-part discussion of how the CISA...
by | Jan 17, 2024 | Semperis
Any organization that relies on Kerberos authentication—the primary authentication method in Active Directory environments—is potentially vulnerable to a Pass the Ticket attack. Organizations that do not regularly patch their systems, monitor and secure Active...
by | Jan 16, 2024 | Semperis
Late last year, the United States National Security Agency’s (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a list of the most common vulnerabilities in large computer networks. This list of CISA and NSA top ten cybersecurity...
