Semperis

Mastering the Art of AD Recovery Does your organization have a documented, tested, AD-specific backup and recovery plan? This week, "Master of Disaster" Guido Grillenmeier explains why Active Directory recovery is a vital part of a successful ITDR strategy.

Semperis is heading to the IAM Summit this week to connect with security and identity leaders. Our Active Directory experts will be on-site, ready to share insights and help you tackle the complexities of identity and access management. ?? Join our roundtable discussion on Insider Threats ?? Meet the team & explore cutting-edge IAM strategies Let’s talk identity security—see you in Sydney!

Defenders have their hands full with the notorious Medusa ransomware, leading the FBI / CISA to create an advisory with mitigation recommendations. In Davey Winder's recent article in Forbes, Semperis AVP Daniel Lattimer explains why organizations must adopt an assumed breach position, why identity systems such as Active Directory require special attention, and why it never pays to pay the ransom. You can read it in full here: https://lnkd.in/gyExn3US

?? Cybersecurity Industry Watch: Weekly Highlights ?? It’s Monday, and we’re here with the latest news shaping the cybersecurity landscape: 1?? X Platform Hit by Cyberattack: Elon Musk’s social platform X (formerly Twitter) went down three times on March 10, affecting tens of thousands of users. A hacktivist group, Dark Storm Team, claimed responsibility, calling it a protest. X has since added Cloudflare protections. https://lnkd.in/gYXcd7t8 2?? Microsoft Fixes 6 Active Zero-Days: March’s Patch Tuesday included 57 security fixes, with six zero-days already being used in attacks. One flaw (CVE-2025-24983) had been exploited for nearly two years, giving attackers system privileges. https://lnkd.in/gHXMDETP 3?? Chinese Hackers Target U.S. Power Grid: Cyber group Volt Typhoon spent over 300 days inside a Massachusetts utility network, gathering data. The breach raises concerns about threats to critical infrastructure. https://lnkd.in/eTA4JNud Stay informed to stay secure. What stories are catching your attention this week?

?? ?????????????????????????? ????????????????????: ?? ???????????????? ???????????? ???? ???????? ???????????? ?????????????????? ?? For those responsible for protecting critical assets, unconstrained delegation in Active Directory poses a significant risk. This vulnerability can enable attackers to impersonate users and gain unauthorized access to vital resources. Stay informed and proactive with our latest blog post. In this article, we cover: ? The dangers of unconstrained delegation ? Steps to defend against these attacks and secure your AD environment ? Tools to monitor and mitigate risks, including ???????????? ???????????? and ???????????????? ?????????????????? ???????????????? ?????????????????? Don’t let unconstrained delegation pave the way for cyberattackers. Enhance your defenses now! ?? Read more: https://lnkd.in/g54f-_SJ

It was a packed room at BSides Limburg as Jorge de Almeida Pinto, Senior Incident Response Lead at Semperis, took the stage to share best practices for safeguarding Active Directory (AD) security—before and after an attack. Jorge walked attendees through real-world identity security risks, the importance of hybrid identity protection (AD & Entra ID), and how ITDR tools can help identify vulnerabilities before attackers do. He also highlighted the critical role of an AD Recovery Plan in maintaining operational resilience and tackled the challenges of reconnecting AD and Entra ID post-attack.

A new case study from Dragos sheds light on the challenges presented by the notorious Volt Typhoon threat group and its ability to remain undetected for 300 days in the network of a public utility. Semperis' Dan Lattimer spoke to IT Pro about why geopolitical factors will continue to heighten risks for operators in the CNI space and increase the likelihood of OT-related cyberattacks. He also shared some best-practice advice. You can read his interview here: https://lnkd.in/gBEEj3_4

???????????? ?????? ???????????? ???????????????? ????????????????????? Happy Pie Day to—wait. ?????????? ???????? ?????? ????????????????! Don't risk the resilience of your operations by letting cyberattackers catch you unprepared for Active Directory recovery. AD-specific backups and a tested plan for automated, secure AD recovery are a delicious defense. This Pie Day, grab a fork and fill up on hybrid identity resilience expertise! https://lnkd.in/g4eiR_bG

Ne manquez pas cette série de trois webinars sur la cyber résilience et la protection de vos infrastructures #ActiveDirectory ! ???? Inscrivez-vous dès maintenant?! #CyberSécurité

?????????????????????????? ???????????? ?????????????????? ???????????????? ???? ?????????????????? ???????????????? SEC Regulation S-P requirements emphasize the importance of robust cybersecurity measures, including for Active Directory (AD). With AD being a prime target for cyberattacks, financial organizations must prioritize its protection and recovery capabilities. ? Assess and test current AD disaster recovery plans: Regularly evaluate your AD disaster recovery plans to ensure they are up-to-date and effective. Conduct simulations and drills to test the response to potential AD compromises and identify any weaknesses in the plan. ? Identify and address security gaps: Perform thorough security audits to uncover vulnerabilities within your AD infrastructure. (The free ???????????? ???????????? tool can help.) Address these gaps by implementing best practices, such as enforcing strong password policies, enabling multi-factor authentication, and regularly updating and patching systems. ? Implement automated recovery solutions: Utilize automated tools and solutions (like ???????????????? ????????) to streamline the recovery process. These tools can help quickly restore AD functionality in the event of a compromise, minimizing downtime and reducing the impact on business operations. ? Ensure a detailed, documented AD recovery plan: Develop a comprehensive recovery plan that outlines the steps to be taken in the event of an AD compromise. This plan should include clear roles and responsibilities, communication protocols, and detailed recovery procedures to ensure a swift and coordinated response. By focusing on these areas, organizations can better protect their identity infrastructure, meet regulatory requirements, and enhance overall cybersecurity resilience. #SECCompliance #FinancialServices #DisasterRecovery