{"id":15399,"date":"2023-04-03T07:27:16","date_gmt":"2023-04-03T07:27:16","guid":{"rendered":"https:\/\/education.telefony-taksi.ru\/?p=15399"},"modified":"2023-04-24T17:30:55","modified_gmt":"2023-04-24T17:30:55","slug":"semperis-gives-tips-to-better-deal-with-ad-threats","status":"publish","type":"post","link":"https:\/\/education.telefony-taksi.ru\/semperis-gives-tips-to-better-deal-with-ad-threats.html","title":{"rendered":"Semperis gives tips to better deal with ad threats"},"content":{"rendered":"

\"Semperis<\/p>\n

Identity systems such as Active Directory are a popular attack vector<\/h2>\n

Since its inception in 2014, the Semperis team has helped many companies combat cyberattacks. An increasingly common attack vector is identity systems such as Active Directory (AD).<\/p>\n

Quite often, Semperis observes the following in this regard: Cybercriminals have gained access to critical systems through some relatively simple tactics. The intruders had already used credential theft tools and successfully hijacked one of the company’s domain admin accounts. The compromised account was then used to first create a new, hidden, dedicated account for the attacker and then add it to the compromised domain’s “Domain Admin” group. This was essentially following the simple instructions of how to attack an Active Directory domain and be persistent about it.<\/p>\n

Do not neglect AD security basics<\/h3>\n

The reason attackers were so successful in the first intrusion can often be attributed to some security fundamentals that were neglected:<\/p>\n