Semperis has closed a Series C funding round to expand geographically and enhance identity protection and threat mitigation with AI and ML capabilities. The AD security provider plans to use the $200 million to expand into safeguarding additional cloud applications and cloud identity providers.
The adoption rate for software as a service (SaaS) has grown dramatically. However SaaS applications tend to be siloed, and that has made managing user access and authorization an increasing challenge. The task of onboarding users is a time-intensive, manual process that involves administrators across multiple...
Active Directory (AD) is unable to support today’s modern workforce of contractors, freelancers, and people working remotely. It creates extra work and is holding companies back from innovation and modernization.
Get this whitepaper to learn how today’s evolving IT ecosystem requires you to rethink AD, and why...
Since a majority of the breaches are credential based, securing your multi-directory identity store – Microsoft Active Directory (AD) and Azure AD – is critical to protecting your organization from adversaries launching ransomware and supply chain attacks. Your security and IAM teams are concerned about securing...
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
U.K’s Prudential Regulation Authority (PRA) has identified cyber security as a top risk for banking institutions, in addition, a new Bank of England survey shows that nearly three quarters of respondents were worried about cybersecurity, with 59% naming cyber-attacks in the top 5 biggest risks to the UK’s...
Microsoft is urging customers to apply patches issued in November for two Active Directory domain controller bugs following publication of a proof-of-concept tool that leverages these bugs, which when chained can allow easy Windows domain takeover.
Join this on demand session to learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.
Join this webinar to hear Steve Hunt, a senior cybersecurity analyst at Aite Group, outline why attackers have been successful, decisions that have created weaknesses, and why common security efforts have been insufficient in preventing attacks using advanced techniques.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including why enterprises need a multilayered approach to securing identity, how fraud will evolve in 2022 and the need to secure backdoors to prevent ransomware attacks.
Microsoft has indicated it will make changes to reduce the risk around what a security vendor says is a vulnerability that lets attackers run brute-force credential attacks against Azure Active Directory. The issue was reported to Microsoft in June by SecureWorks' Counter Threat Unit.
The Russia-linked cyberespionage group Nobelium, which was responsible for the SolarWinds supply chain attack, has developed and deployed a new malware, dubbed FoggyWeb, according to a Microsoft Threat Intelligence Center security blog. Microsoft says FoggyWeb creates a backdoor to exfiltrate data.
A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes.
Threat actors are focusing a lot on Active Directory today as it is a path for them to reach an organisations key data & applications. The versatility of Active Directory makes it a crucial target for hackers. Organisations learn new ways on how to protect this valuable target and mitigate the risks. Organisations...
The U.S. Cybersecurity and Infrastructure Security Agency warns that hackers are increasingly targeting cloud services by waging phishing schemes and brute-force attacks. CISA recommends a number of defenses, including regularly reviewing Active Directory sign-in logs and enforcing multifactor authentication.