Top Legacy Active Directory Infrastructure Vulnerabilities and How Attackers See Them
By Tammy Mindel, Security Product Manager at Semperis Microsoft Active Directory (AD) has become a highly lucrative target […] The…
China-Based Billbug APT Infiltrates Certificate Authority
Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.
MFA Fatigue attacks are putting your organization at risk
A common threat targeting businesses is MFA fatigue attacks—a technique where a cybercriminal attempts to gain access to a corporate network…
Windows Kerberos authentication breaks after November updates
Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems…
Phishing drops IceXLoader malware on thousands of home, corporate devices
A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the 'IceXLoader' malware.…
LockBit affiliate uses Amadey Bot malware to deploy ransomware
A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device…
Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday
Long-awaited security fixes for ProxyNotShell and Mark of the Web bypasses are part of a glut of actively exploited zero-day…
FIN7 Cybercrime Group Likely Behind Black Basta Ransomware Campaign
Several artifacts from recent attacks strongly suggest a connection between the two operations, researchers say.
VIP3R: Dissecting A New Venomous Spearphishing Campaign
By Tom McVey, Solution Architect at Menlo Security Social engineering attacks are among the most prevalent and dangerous […] The…
Using Regex to Implement Passphrases in Your Active Directory
Passphrases provide a superior type of password for authentication as they allow you to create strong passwords you can remember.…