The Leader in AI-Powered Identity Security and Cyber Resilience for Hybrid Environments.

Hoboken, NJ
#Cyberattackers are always devising new ways to compromise #ActiveDirectory. In this post, Semperis Researcher Yuval Gordon explores a little-known DACL tactic that attackers can use to hide membership from a group and possibly evade detection. bit.ly/3AGlTdG
4
45
284
Is your hybrid identity environment vulnerable to a #cyberattack? On-premises #ActiveDirectory and #AzureAD are unique—but they’re not separate. Find out how Semperis DSP helps protect your hybrid #identity system: semperis.com/solutions/secur…
5
29
225
New research from Semperis' Charlie Clark (@exploitph) describes a vulnerability that could open new attack paths, detection bypasses, and potential weakening of security controls, putting orgs at higher risk from #Kerberoasting and other attacks. 👇 semperis.com/blog/new-attack…
1
133
260
With the transition to hybrid #identity environments, organizations must defend against a rise in attacks that enter companies through on-premises #AD, then move to the cloud. DSP 3.6 aims to help detect and remediate security risks, reports @SCMagazine. bit.ly/2ZJpDh3
2
39
207
#AzureAD admins, beware: #Cyberattackers can use SMTP matching to obtain privileged access via eligible role assignments. In this post by @SemperisTech Security Researchers Sapir Federovsky and Tomer Nahum, learn how- and how to stop them. semperis.com/blog/smtp-match…
74
166
What’s new in the #identity threat landscape? An attack on US broadcast company Sinclair, Microsoft’s warnings about delegating privileges to service providers, a second BlackMatter attack on Olympus, and more. Check out the October Identity Attack Watch:semperis.com/blog/identity-a…
2
21
102
Research from Enterprise Management Associates (EMA) and Semperis finds that unknown vulnerabilities top the list of #ActiveDirectory security concerns of IT security practitioners. Read more here: bit.ly/3r9plLP 📥 Download the report now at semperis.com/resources/unkno….
1
16
87
Semperis’ #Hacker in Residence, @Sidragon1, joined @JillAitoro to discuss the reality breached companies face as they “have to go look in the mirror and ask, 'why didn’t we see it? We have multi-billion dollar systems in place that should detect this,' ” bit.ly/3pNiBQ7
15
77
Privilege escalation is a prime tool for attackers to infiltrate your #ActiveDirectory--and from there, anything they want. Learn more about a vulnerability that can enable #cyberattackers to target AD Certificate Services and take over your domain. semperis.com/blog/ad-vulnera…
47
87
You're familiar with the Golden Ticket attack, but what about the Diamond Ticket? Semperis Security Researcher @exploitph and @TrustedSec's @4ndr3w6S reveal the result of research into this potential #securityvulnerability: lnkd.in/gNYf2Gxz.
1
55
78
Although the threat landscape is continually expanding, organizations can improve their security posture by addressing the identity-related vulnerabilities covered in the #ActiveDirectory Security Halftime Report. 📥 Download the report for free at bit.ly/halftime-report-2021.
1
19
58
Expert speakers from @HIPConf look back at 2020 and what they're focusing on in the year ahead as they work to solve complex #IdentitySecurity & access challenges: bit.ly/2WGlHsK Featuring: @ber_mic, @a_greenberg, @Sidragon1, @wimvdheijkant, @grouppolicyguy, @shorinsean
15
57
How secure is your #ActiveDirectory environment? Find out with #PurpleKnight, a free #security assessment tool that uncovers dangerous misconfigurations attackers can use to steal data and launch #malware campaigns. ​bit.ly/2Ov4Fxr
4
27
56
#ActiveDirectory has become the Achilles' Heel of organizations' security programs. Why? It's the beating heart of access to business-critical resources and systems. Use this guide to prepare your company for a complete overhaul of your AD program: bit.ly/39Ic04x
18
52
Semperis Security Researcher Tomer Nahum (@TomerNahum1) reports hard matching abuse that can enable #Azure AD account takeover in hybrid identity environments. Learn more: semperis.com/blog/syncjackin… #activedirectory
1
26
48
Looking for proactive steps you can take to protect your company from a #ransomware-as-a-service (#RaaS) attack similar to the #ColonialPipelineHack? Check out these resources and request FREE access to the security vulnerabilities tool, #PurpleKnight: bit.ly/3yno996
1
16
40
#ICYMI Read more about how Semperis solutions are tailor-made and trusted by enterprises worldwide to "Toughen Up Your AD." bit.ly/2OYX2wT #ActiveDirectory #NCSAM #FlashbackFriday #CyberSecurity #CyberAware
2
9
36
Shifting to a hybrid identity management model in an #ActiveDirectory-centric environment has rewards—and risks. Doug Davis, Semperis Senior Product Manager, offers security considerations to watch for when integrating #AzureAD with on-prem AD. bit.ly/2ZCAd6d
22
36
The latest Egregor #ransomware attack on Kmart serves as a reminder that #ActiveDirectory requires special attention within an organization’s #cybersecurity strategy. Read more from @grouppolicyguy on why AD needs to be protected and recoverable: bit.ly/2Icmpdy.
1
13
32
Finding it hard to keep track of the increasing #cyberattacks targeting #ActiveDirectory? The new Identity Attack Watch roundup from our Research Team offers a monthly digest of recent incidents to help IT pros better understand and guard against threats. bit.ly/39NOtii
18
34
#ActiveDirectory is like air… you don't notice it until it's gone. We surveyed over 350 identity-centric security leaders on the current state of cyber preparedness as it relates to recovering AD from #ransomware and wiper attacks. Read the results: yhoo.it/2EcJueo
8
25
How do you defend #ActiveDirectory, aka the “keys to the kingdom,” if you don’t know where the attacks are coming from? In this webinar, @grouppolicyguy + @_wald0 demonstrate real-world attacks used against AD. APRIL 2ND 2 pm ET REGISTER NOW 👉 bit.ly/33vaygZ
2
13
35
Finding it hard to keep track of all the recent identity-related cyberattacks? This month’s #IdentityAttack Watch roundup includes the #Microsoft Exchange #Hafnium attack, a breach of Verdaka’s video platform, and #ransomware attack on retailer FatFace. bit.ly/3fqO3Ss
13
29
#PurpleKnight steps up defenses against #ActiveDirectory attacks! Purple Knight 1.3 unleashes 11 new security indicators—for #PrintNightmare, #PetitPotam, and more—bringing the total number to 76. Ready to knock out your AD security weaknesses? bit.ly/2WuFL4g
17
25
#PetitPotam: Another high-impact attack vector on #Windows domains that is relatively easy to carry out—but difficult to mitigate. Read more about the background and guidance for detecting and mitigating PetitPotam: bit.ly/3ipgNw5
1
17
25
With the continual threat of #cyberattacks, recovering #ActiveDirectory comes with a new set of challenges, including: ➡️ Restoring AD to clean servers ➡️ Restoring AD without reintroducing #malware in system state or bare-metal backups Full report: bit.ly/3a5QNjc
1
12
24
Where should practitioners invest time now to get ready to be CISOs in 2022 and beyond? #ICYMI To help cut through some of the noise, we partnered with @RedmondIT to convene leading CISOs in a discussion about the most critical aspects of the role. bit.ly/2NGYmX9
14
23
Identity-related supply-chain attacks lead this month’s Semperis #Identity Attack Watch, a roundup of recent incidents including breaches at JBS, FujiFilm, and more—plus details about the tactics used in the #ColonialPipeline attack. bit.ly/3wZKFng
15
22
Our experts have broken down the top 10 best practices for AD cyber resilience. We’d love to hear your thoughts! bit.ly/34s3hhn #infosec #cybersecurity #dataprotection #cyberresilience #informationsecurity #top10 #activedirectory
2
3
22
Attackers love #ActiveDirectory misconfigurations and use them to gain #privilegedaccess and move through compromised systems. These seven configuration issues are often exploited. Check your hybrid AD environment for them—ASAP! lnkd.in/dVWftMeU
1
20
22
Check out this month’s Semperis Identity Attack Watch, a roundup of recent incidents including a state-sponsored attack on a U.S. local government, the #ColonialPipeline attack, the #MountLocker attack that exploited Windows #ActiveDirectory APIs, and more.lnkd.in/dKp8v9G
14
24
What's up with identity attacks from this past month? The Semperis Research Team highlights a CISA warning about May Windows updates, Conti #cyberattacks on the Costa Rican government, and a credential stuffing attack that compromised GM car owners’ data. semperis.com/blog/identity-a…
17
19
It's a banner day for enterprise #identityprotection! We've raised over $200 million in #SeriesC funding led by @KKR_Co with @1011vc, @Paladincap, @AtriumHealth Strategic Fund, Tech Pioneers Fund, and existing investors, including @insightpartners: semperis.com/press-release/k….
2
19
22
Check out this month’s Semperis #Identity Attack Watch, a roundup of recent incidents, including a report of a new #ransomware called #Cring that exploits vulnerabilities in VPN servers by compromising #authentication credentials. bit.ly/3eDK2Ig
16
21
All Ur AS Are Belong To Us. @SemperisTech Security Researcher Charlie Clark (@exploitph) discusses a potential attack path related to AS Requested Service Tickets. #ransomware #CybersecurityAwarenessMonth #BeIdentitySmart semperis.com/blog/new-attack…
21
20
📣 We’re proud to announce that @HIPConf is coming to Europe! The virtual conference is headed to Europe on June 30th and July 1st. Register now for FREE: bit.ly/3feGGeV bit.ly/HIP-Europe #cybersecurity #hybrididentity #HIPEurope
1
15
18
#ProxyShell, PetitPotam, #LockBit 2.0…what else is new?! This month’s @SemperisTech Identity Attack Watch covers LockFile’s use of ProxyShell and #PetitPotam flaws, surging LockBit 2.0 attacks, expanding Hive exploits, and more. semperis.com/blog/identity-a…
4
15
16
To celebrate National #CybersecurityAwarenessMonth, here is a list of 10 amazing women you need to be following. Even though October is coming to an end, the fight against cyber attackers will continue to intensify. Always remember to do your part. 🔗: bit.ly/3kMGLs9
19
17
🚨 BREAKING NEWS 🚨 Today we’re proud to announce our Series B round led by @insightpartners, with participation from existing backers. The growth funding will support our global expansion and accelerate hiring across all functional areas. Learn more: bit.ly/2YWqEjv
1
10
18
“Defending against #ransomware starts with protecting #ActiveDirectory 🛡” #FIC2021
1
14
14
We're looking forward to speaking at @OptivSourceZero's #SZCon2021! Meet our VP of Products, @grouppolicyguy, and learn about common weak spots in #ActiveDirectory configurations—and how to fix them during our session on May 27th at 12pm EST. bit.ly/3w5gNFb
16
15
#TeamSemperis is out at the Vancouver @itechconference today! Come by and visit our booth and be sure you don't miss Doug Davis (@SemperisTech Senior Product Manager) during his afternoon session on vulnerabilities exploited with #ActiveDirectory. #iTech #cyberresilience
1
15
12
#Identity remains the key to accessing the network, and the volume of identities has rapidly grown with the expansion of the cloud. @GGrillen tells @SecurityWeek why #ActiveDirectory is a real point of weakness: securityweek.com/cyber-insig…
15
14
We are proud to announce that Semperis is a finalist in this year's @CyberSec_Awards for Start-up of the Year, AND our Hacker in Residence, @Sidragon1, is shortlisted for Personality of the Year! The #cyberawards2020 recognizes excellence and innovation in #cybersecurity 🎉
1
11
13
With #ransomware attacks on the rise, #ActiveDirectory recovery is critical to keep businesses up and running. We're thrilled that Semperis ADFR has been recognized as a finalist by @SCMagazine for Best Disaster Recovery Solution! 🔗 bit.ly/39nn4De
1
12
14
We're at Day 2 of #gartneriam 2022! Swing by Booth #140 to learn about #Gartner's top #cybersecurity trend for 2022, Identity Threat Detection and Response (ITDR), and meet some of #TeamSemperis!
14
13
Goodbye, #RedForest@grouppolicyguy breaks down Microsoft's new privileged access management strategy for #ActiveDirectory, which replaces the previous "Red Forest" approach. Here's what you need to know before implementing the new guidance: bit.ly/3pq3nkk
16
14
Look up! Enterprise #identityprotection is getting top billing today! @SemperisTech celebrates our newest growth funding round, led by @KKR_Co. Thanks for the love, @Nasdaq! It's a proud day for #TeamSemperis, worldwide!
17
13
Meet #ForestDruid, a new free attack path discovery tool from #Semperis that helps defenders define the true Tier 0 perimeter, scan #activedirectory for high-risk violations, and prioritize locking down privileges to Tier 0 assets: fast.wistia.net/embed/channe…
17
14
What can modern #cybersecurity learn from ancient adversaries? @Sidragon1 breaks down how you can apply techniques used to fend off enemies throughout ancient history by emperors, warriors, and soldiers to the high-tech environments of today. bit.ly/303ewMU
13
11
UPCOMING #InfoSec Pro WORKSHOP: Don't miss the chance to join our #Hacker in Residence @Sidragon1 and @grouppolicyguy for a workshop about new #cyberattacks without actually talking about "cyber" at all. September 16th at 2 pm ET Register 🔗: bit.ly/2Z4rFFd
1
11
13
In this month’s #Identity Attack Watch, the Semperis Research Team highlights BlackCat attacks that triggered an FBI warning, a #Conti group attack on Panasonic, a Hive hit on a California health company, and more. lnkd.in/gUK2hUps
14
12
Proud to be included among the 5 Israeli-founded #tech companies ranked in the top-50 of @Deloitte's #Fast500 list! 𝟲,𝟲𝟯𝟱% 𝗴𝗿𝗼𝘄𝘁𝗵 💪 The 5: @TransmitSec | @getnanit | @SemperisTech | @exabeam | @perimeterx bit.ly/35XDocR
13
14
“Changes in permissions are by far the biggest security risk when it comes to implementing hybrid #identity management.” - Semperis Senior Product Manager, Doug Davis #IDMgmtDay
#IdentityManagementDay is today. To bring #cybersecurityawareness, what do experts from @SemperisTech @bitglass @CloudentityTEAM & @DigitalGuardian have to say about building a stronger digital perimeter? @InfoSec_Review asks: bit.ly/3aaUFRg
12
14
🌟NEW Featured Blog Post ⁣⁣⁣⁣ ⁣⁣⁣⁣ Learn why @Sidragon1, who is considered one of the world’s foremost experts on counter #ThreatIntelligence, has joined forces with @SemperisTech.⁣⁣⁣⁣ ⁣⁣ ⁣ 🔗 lnkd.in/dZyCbNq⁣⁣ ⁣ #cybersecurity #activedirectory
1
9
13
UPCOMING #WEBINAR | April 22nd at 11 am PDT Following the launch of #PurpleKnight, @grouppolicyguy and Ran Harel share insights on the tool that evaluates security weaknesses in #ActiveDirectory configurations. Register for the session now at, bit.ly/pk-redmond
14
13
With #ransomware on the rise, your #ActiveDirectory requires special attention. Semperis CEO @ber_mic shares insights on the steps organizations can take to protect AD and their businesses. bit.ly/3poBh8Y
12
13
#Semperis experts discuss how #Kerberos works, how #cyberattackers target it, and how to protect your #ActiveDirectory environment from #Kerberoasting, Silver and Golden Ticket attacks, and more. ▶️ Watch on demand! lnkd.in/eszsauKz
14
12
Thank you, @cyberdefensemag, for awarding us THREE Cutting Edge Global #InfoSec Awards at #RSAC2021! 🏆 #Ransomware Recovery Solution for ADFR 🏆 Identity Access Management Solution for DSP 🏆 #Cybersecurity Conference for @HIPConf Read more at bit.ly/33VZIl3
15
13
Do you know your #ActiveDirectory security vulnerabilities? In this new post, @shorinsean steps through the types of #security holes threat actors use—including configuration mistakes and unpatched vulnerabilities—to attack AD environments. bit.ly/38X50Qk
15
13
Happy #IDMgmtDay! Our expert Doug Davis shares tips on securing hybrid #identity models with @IanDBarker @BetaNews today- check it out: bit.ly/3a4tRlB
1
10
13
#Kerberoasting has been around for a while, but that doesn’t mean that cybercriminals love it any less. In @thenewstack, @shorinsean shares why this remains one of the most pervasive cyberattack methods against #Microsoft AD and how to guard against it. thenewstack.io/how-to-guard-….
12
11
Together, in 2022 we'll build a stronger and more cyber resilient world for a safer tomorrow. #TeamSemperis wishes everyone a happy, healthy, and safe New Year! 🎊
4
12
10
In the wake of a #cyberattack, Active Directory can be dismissed as an afterthought. The reality is if AD is compromised, so is your entire environment. Read more on "Rethinking #ActiveDirectory security" (@helpnetsecurity) bit.ly/2LZv7xn
12
12
The way that organizations are increasingly relying on #ActiveDirectory makes it the perfect target for cybercriminals. Dan Bowdrey talks to @cybernews about why AD is the forgotten system and how organizations can protect themselves. cybernews.com/security/dan-b…
4
12
9
It's almost time for Happy Hour! 🍻🍸 Tonight from 5-7 pm PT, meet us at the Border Grill in Mandalay Bay if you're at #BHUSA with our friends at @Securonix, @CyberArk, @Bitdefender, @ArmisSecurity, and @PicusSecurity. Check out all the details at lnkd.in/gACNTWMC.
14
12
🎉 We are proud to be named the winner for Identity & Access Management in the inaugural @SecurityCurrent #CISOChoiceAwards! bit.ly/32Y7smF
11
13
On this #MalwareMonday, we're asking the question: When was the last time you tested your #ActiveDirectory recovery plan? Just as necessary, is your AD recovery plan updated to include cyber scenarios such as a #ransomware or #wiperattack? Read more: bit.ly/2Pk7lup
8
12
🎉 It's an honor to have our #ActiveDirectory Forest Recovery solution recognized as a nominee in the Commercial Technology Category for the upcoming 2021 Edison Awards! #EdisonAwards #EA2021 Read more about our nominated ADFR solution: lnkd.in/dEix7Jt.
Nominations for the 2021 #EdisonAwards #CommercialTechnology: LM Intelligence™ AIOps Early Warning System @LogicMonitor (bit.ly/3iPzFRT) Active Directory Forest Recovery @SemperisTech (bit.ly/2SzeKYu) Reveal(x) 360 @ExtraHop (bit.ly/2GSeFME)
12
13
🆕 in Identity Attack Watch, the Semperis Research Team highlights #LockBit's #ransomware attacks on small towns and the Italian tax agency, #BlackBasta's hit on materials manufacturer Knauf, a breach at Japanese game publisher #BandaiNamco, and more. semperis.com/blog/identity-a…
15
13
Shoutout to #TeamSemperis for winning GOLD in four categories at this year's Cybersecurity Excellence Awards! lnkd.in/dCdFXC3
12
12
"Once you truly understand your vulnerabilities you can begin to properly protect your organization." - 🗣️ Semperis Chief Technologist @GGrillen We were delighted to be a Thought Leadership sponsor at the #CIOCISODeutschlandSummit (@CDMmedia) today!
13
12
We’re honored to be recognized as the 4th fastest growing #tech company in the Tri-state area and 35th overall on the @DeloitteTMT #Fast500 List! bit.ly/3nuqqZQ
11
12
We are honored to be named on @CybersecuritySF #Hot150 Cybersecurity Companies to Watch 2021, recognized for Identity Driven #CyberResilience! bit.ly/395poOt
11
12
#PurpleKnight’s power is growing. The new version of our free #ActiveDirectory security assessment tool introduces Azure AD security indicators to address security gaps across on-prem and #AzureAD to battle attacks targeting hybrid identity environments. semperis.com/blog/purple-kni…
13
12
What did @SemperisTech Senior Product Manager Doug Davis and Director of Services @shorinsean take away from this month's #MSIgnite Announcements? In the most recent @HIPConf Podcast episode, they dive in. 🎙️ bit.ly/watch-hippodcast19
In episode 19 of the HIP Podcast, @shorinsean is joined by Doug Davis to discuss #Microsoft's recent announcements at #MSIgnite about #passwordless authentication, the new concept of Temporary Access Pass, and more Microsoft initiatives. 🎙️ bit.ly/watch-hippodcast19
10
12
Just Released: With the addition of DSP Intelligence, Semperis further establishes DSP as the industry’s most comprehensive #ActiveDirectory threat detection and response platform. bit.ly/3vM9brj
14
12
We're very proud to have made the @Inc Magazine fifth annual #Vet100 list—a compilation of the nation's fastest-growing #veteranowned businesses. Congratulations to all! 👏 Read more at ivmf.syracuse.edu/2022-vet10….
13
12
In the age of the cloud, dependency on Active Directory is rapidly growing—and so is the attack surface. At today's #CIOCISOMidwestSummit, @gkirkpatrick shared the dos and don'ts of recovering #ActiveDirectory from a cyber disaster.
13
12
Learn how #cyberattackers can use unpatched #ActiveDirectory Certificate Services to take over your domain in the Semperis Research Team’s comprehensive guide to the CVE-2022-26923 #securityvulnerability. lnkd.in/ga32Wxga
17
12
@Sidragon1 discussed the SolarWinds attack w/@AmerBanker: "The security industry has rallied to address this attack from several angles, and in many cases, organizations impacted are working around the clock to determine and implement any necessary fixes." americanbanker.com/news/no-h…
2
10
Ever heard of SPN-jacking? Delve into how attackers could use SPN-jacking to compromise a host or service, how to detect it, and how to prevent it in "SPN-jacking: An Edge Case in WriteSPN Abuse," with @elad_shamir. semperis.com/blog/spn-jackin… #cyberattacks #kerberos
16
11
NEW BLOG 🚨 @elad_shamir takes a look behind the scenes of CVE-2021-42278 and CVE-2021-42287 and offers a couple of action items (in addition to #patching) that will help prevent domain service privilege escalation. lnkd.in/diin2wWW #activedirectory
2
14
11
We all know the stat: 81% of data breaches are caused by credential abuse. At the center of the storm is #ActiveDirectory. Check out @idsalliance’s latest IAM best practices blog by @gkirkpatrick on how to secure your “keys to the kingdom.” Read now: bit.ly/3dkELmp
9
12
𝗛𝗼𝘄 𝘁𝗼 𝗗𝗲𝗳𝗲𝗻𝗱 𝗔𝗴𝗮𝗶𝗻𝘀𝘁 #𝗗𝗖𝗦𝗵𝗮𝗱𝗼𝘄🛡 This attack exploits a switch in the #Mimikatz utility that enables privileged users to inject malicious changes into #ActiveDirectory without detection. Learn to combat this emerging threat: 🔗 lnkd.in/dt47Ex4
8
10
It's @idsalliance #BeIdentitySmart week, in conjunction with #CybersecurityAwarenessMonth! We're excited to support this week, highlighting the importance of securing digital identities. Read more from @shorinsean and other #identity management champions: idsalliance.org/blog/2021/10…
15
11
Recent #cyberattacks use lateral movement—a favorite tactic—to threaten local #government entities and #infrastructure. These three steps go a long way toward blocking such attempts and protecting #ActiveDirectory. semperis.com/blog/three-step…
11
10
We are a proud sponsor of @drjournal Fall 2022! Don't miss the chance to hear from our Director of Services, @shorinsean, on "Setting Up an #ActiveDirectory Isolated Recovery Environment for Incident Response." Learn more about #DRJFall + register now at drj.com/fall2022.
15
12
We're unveiling the @SemperisTech Vigilance Channel Program today! With #ActiveDirectory security breaches reaching a critical point, our program will help VARs and Resellers better meet their customers' needs. bit.ly/semperis-channel-prog…
12
11
Join us on May 26th at 3pm BST, as we speak to @IdentityExperts about what the #Hafnium-led #Microsoft breach can teach us about securing our organizations. Find out more and register — bit.ly/iESempWeb21
1
13
10