Latest news with #Semperis
Techday NZ
10-06-2025
- Business
- Techday NZ
Semperis adds detection for BadSuccessor flaw in Windows 2025
Cybersecurity firm Semperis has introduced new detection capabilities in its Directory Services Protector (DSP) platform, aiming to protect organisations against "BadSuccessor" — a newly disclosed privilege escalation technique in Windows Server 2025 that currently has no available patch. The BadSuccessor flaw, revealed by researchers at Akamai, targets delegated Managed Service Accounts (dMSAs), a new Windows Server 2025 feature designed to enhance the security of service accounts. Instead, the researchers demonstrated how the feature can be exploited to impersonate highly privileged users in Active Directory, such as Domain Admins, without needing additional credentials or triggering alerts. In direct response to Akamai's findings, Semperis worked with the researchers to develop and deploy new detection indicators within its DSP platform. The enhancements include one new Indicator of Exposure (IOE) and three Indicators of Compromise (IOCs), designed to help organisations identify early signs of potential abuse. "Semperis moved quickly to translate the vulnerability into real-world detection capabilities for defenders, demonstrating how collaboration between researchers and vendors can lead to rapid, meaningful impact," said Yuval Gordon, Security Researcher at Akamai. The detection indicators are focused on revealing abnormal behaviour around dMSAs, including excessive delegation rights, suspicious links between dMSAs and privileged accounts, and attempts to target sensitive credentials like the KRBTGT account. According to Semperis, this can give security teams a vital head start in identifying attacks before they can escalate. "Service accounts remain one of the least governed yet most powerful assets in enterprise environments," said Tomer Nahum, Security Researcher at Semperis. "This collaboration with Akamai allowed us to close detection gaps fast and give defenders visibility into a deeply complex area of Active Directory that attackers continue to exploit." The vulnerability has broad implications. Any organisation operating at least one domain controller (DC) running Windows Server 2025 may be at risk. According to Semperis, even a single misconfigured DC using dMSAs could expose the entire Active Directory environment to compromise. As there is currently no fix for the vulnerability, Semperis is urging organisations to take immediate steps to protect their environments. These include auditing dMSA configurations, reviewing delegation permissions, and employing detection tools such as the updated DSP platform. The new detection features aim to support defenders in closing a critical visibility gap. Service accounts, such as dMSAs, often run with elevated privileges but remain unmonitored or poorly managed in many enterprise environments. This lack of oversight creates a potential blind spot for attackers to exploit — a challenge the BadSuccessor technique highlights sharply. Semperis stated that the DSP update is available now and is intended to offer a stopgap solution for organisations as they await official mitigation from Microsoft. The case also serves as a reminder of the growing complexity of managing hybrid identity environments. With attackers increasingly targeting infrastructure such as Active Directory, new features — however well-intentioned — can quickly become unexpected attack vectors. Gordon added, "The abuse of service accounts is a growing concern, and this high-profile vulnerability is a wake-up call." Until a patch is released, security teams are advised to remain vigilant and proactive. By monitoring dMSA activity and understanding their configuration risks, organisations can reduce their exposure to what could otherwise be a silent but highly impactful method of privilege escalation.
Techday NZ
09-06-2025
- Business
- Techday NZ
Semperis adds detection for dMSA attacks in Windows Server
Semperis has announced new detection capabilities in its Directory Services Protector platform in collaboration with Akamai to address the "BadSuccessor" privilege escalation technique in Windows Server 2025. BadSuccessor targets a new Windows Server 2025 feature called delegated Managed Service Accounts (dMSAs), which was designed to improve service account security. Researchers at Akamai have shown that attackers can exploit dMSAs to impersonate highly privileged users, such as Domain Admins, within Active Directory. At present, there is no patch available to address this vulnerability. Service accounts, including dMSAs, often operate with extensive or unmonitored privileges, creating potential security risks for enterprises. The exploitation method uncovered by Akamai highlights ongoing challenges in securing service accounts and preventing unexpected attack vectors within large organisations. In response, Semperis has updated its Directory Services Protector platform to include one new Indicator of Exposure and three Indicators of Compromise aimed at detecting abnormal dMSA activity. These enhancements will enable security teams to identify excessive delegation rights, malicious connections between dMSAs and privileged user accounts, and attacks directed at sensitive accounts such as KRBTGT. "Semperis moved quickly to translate the vulnerability into real-world detection capabilities for defenders, demonstrating how collaboration between researchers and vendors can lead to rapid, meaningful impact. The abuse of service accounts is a growing concern, and this high-profile vulnerability is a wake-up call," said Yuval Gordon, Security Researcher at Akamai. "Service accounts remain one of the least governed yet most powerful assets in enterprise environments. This collaboration with Akamai allowed us to close detection gaps fast and give defenders visibility into a deeply complex area of Active Directory that attackers continue to exploit," said Tomer Nahum, Security Researcher at Semperis. The vulnerability is present in any organisation that operates at least one domain controller running Windows Server 2025. According to Semperis, a single misconfigured domain controller can place the entire environment at risk. Until vendors release an official patch, organisations are encouraged to audit dMSA permissions and use detection tools to monitor for misuse. Semperis is reinforcing cybersecurity for enterprises by protecting critical identity services that underpin hybrid and multi-cloud environments. Purpose-built for securing complex identity infrastructures — including Active Directory, Entra ID, and Okta — Semperis' AI-powered platform safeguards more than 100 million identities from cyberattacks, data breaches, and operational missteps. Headquartered in Hoboken, New Jersey, the privately held international company supports major global brands and government agencies, with customers spanning over 40 countries. Beyond its core technology offerings, Semperis is recognized for its commitment to the cybersecurity community. The company sponsors a range of industry resources, including the award-winning Hybrid Identity Protection (HIP) Conference, the HIP Podcast, and free identity security tools such as Purple Knight and Forest Druid. With its dual mission to protect digital infrastructure and empower the security community, Semperis continues to play a pivotal role in advancing global cyber resilience. Follow us on: Share on:
Yahoo
06-06-2025
- Business
- Yahoo
Jen Easterly to Keynote 2025 Hybrid Identity Protection Conference
Easterly joins identity-first defenders at the award-winning conference, October 7–9 in Charleston, SC HOBOKEN, N.J., June 6, 2025 /PRNewswire/ -- Semperis, a leader in AI-powered identity security and cyber resilience, today announced that Jen Easterly, former Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), will keynote the Hybrid Identity Protection Conference (HIP Conf), taking place October 7-9 in Charleston, SC. A globally recognized leader in cybersecurity and national defense, Easterly led CISA through a transformative period—scaling it into a $3 billion agency with over 10,000 personnel and establishing it as a cornerstone of U.S. cyber defense. A combat veteran, former Morgan Stanley executive, and cybersecurity pioneer, Easterly brings decades of experience at the intersection of security, technology, and resilience. "Defenders working in hybrid identity environments set the standard for resilience in a world where adversaries move fast and trust is everything," said Easterly. "We are in an era where adversaries exploit every weakness and identity is the first and last line of defense. I am looking forward to joining this community at the upcoming HIP Conf." HIP Conf is the premier global event for identity-first defenders, uniquely focused on securing hybrid and multi-cloud environments. This year's Semperis' conference will deliver the latest in identity threat detection and response (ITDR); Active Directory, Entra ID, and Okta security; and building operational resilience in a rapidly evolving threat landscape. The 2025 program features a robust lineup of technical sessions and strategic insights from dozens of leaders across industry, government, and academia. Key sessions include: What's New, What's Next? Active Directory Roadmap – Linda Taylor, Principal Software Engineer, Microsoft A Quarter Century, a Quarter Million Breaches: AD Security & Incident Response in 2025 – Michael Van Horenbeeck, CEO, The Collective The State of Identity Security 2026 – Henrique Teixeira, SVP, Strategy, Saviynt, and David Lee, Field CTO, Saviynt Beyond Backups: Practical Steps to Build Operational Resilience – Ben Cauwel, Head of Cyber Security, Capgemini From Hybrid to Full Cloud: Is It Right for You? – Joe Kaplan, Security Delivery Associate Director, Accenture Demystifying Managed Service Accounts: Best Practices & Security Measures to Reduce Risk – Jorge De Almeida Pinto, Senior Incident Response Lead, Semperis Additional speakers and sessions to be announced. Longtime HIP advocate Alex Weinert, Chief Product Officer at Semperis and former VP of Identity Security at Microsoft, returns to the stage for his third consecutive year. "Identity is the new security perimeter, and as organizations modernize their infrastructure, they need to stay ahead of increasingly complex identity-based attacks," said Weinert. "HIP continues to be a go-to event for real-world strategies and community connections. We're proud to be leading this important global conversation." Unlike broader cybersecurity conferences, HIP Conf is purpose-built for practitioners managing and defending hybrid identity environments. The event fosters long-term collaboration, community, and real-world knowledge sharing that continues well beyond the conference. For more information and to register for HIP Conf 25, visit: About the Hybrid Identity Protection Conference Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. With radical transformation comes new business risks. The Hybrid Identity Protection Conference (HIP Conf) is the premier educational forum for identity-centric practitioners. Whatever the industry sector or job function, HIP strives to provide its community with the insights and relationships needed to enable and protect today's digitally driven organizations. Learn more about HIP Conf 25 via our social media feeds: X / LinkedIn / Facebook About Semperis Semperis protects critical enterprise identity services for security teams charged with defending hybrid and multi-cloud environments. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis' AI-powered technology protects more than 100 million identities from cyberattacks, data breaches and operational errors. As part of its mission to be a force for good, Semperis offers a variety of cyber community resources, including the award-winning Hybrid Identity Protection (HIP) Conference, HIP Podcast, and free identity security tools Purple Knight and Forest Druid. Semperis is a privately owned, international company headquartered in Hoboken, New Jersey, supporting the world's biggest brands and government agencies, with customers in more than 40 countries. Learn more: Follow us: Blog / LinkedIn / X / Facebook / YouTube Media Contact:Bill KeelerSenior Director, PR & Commsbillk@ View original content to download multimedia: SOURCE Semperis Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
06-06-2025
- Business
- Yahoo
Jen Easterly to Keynote 2025 Hybrid Identity Protection Conference
Easterly joins identity-first defenders at the award-winning conference, October 7–9 in Charleston, SC HOBOKEN, N.J., June 6, 2025 /PRNewswire/ -- Semperis, a leader in AI-powered identity security and cyber resilience, today announced that Jen Easterly, former Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), will keynote the Hybrid Identity Protection Conference (HIP Conf), taking place October 7-9 in Charleston, SC. A globally recognized leader in cybersecurity and national defense, Easterly led CISA through a transformative period—scaling it into a $3 billion agency with over 10,000 personnel and establishing it as a cornerstone of U.S. cyber defense. A combat veteran, former Morgan Stanley executive, and cybersecurity pioneer, Easterly brings decades of experience at the intersection of security, technology, and resilience. "Defenders working in hybrid identity environments set the standard for resilience in a world where adversaries move fast and trust is everything," said Easterly. "We are in an era where adversaries exploit every weakness and identity is the first and last line of defense. I am looking forward to joining this community at the upcoming HIP Conf." HIP Conf is the premier global event for identity-first defenders, uniquely focused on securing hybrid and multi-cloud environments. This year's Semperis' conference will deliver the latest in identity threat detection and response (ITDR); Active Directory, Entra ID, and Okta security; and building operational resilience in a rapidly evolving threat landscape. The 2025 program features a robust lineup of technical sessions and strategic insights from dozens of leaders across industry, government, and academia. Key sessions include: What's New, What's Next? Active Directory Roadmap – Linda Taylor, Principal Software Engineer, Microsoft A Quarter Century, a Quarter Million Breaches: AD Security & Incident Response in 2025 – Michael Van Horenbeeck, CEO, The Collective The State of Identity Security 2026 – Henrique Teixeira, SVP, Strategy, Saviynt, and David Lee, Field CTO, Saviynt Beyond Backups: Practical Steps to Build Operational Resilience – Ben Cauwel, Head of Cyber Security, Capgemini From Hybrid to Full Cloud: Is It Right for You? – Joe Kaplan, Security Delivery Associate Director, Accenture Demystifying Managed Service Accounts: Best Practices & Security Measures to Reduce Risk – Jorge De Almeida Pinto, Senior Incident Response Lead, Semperis Additional speakers and sessions to be announced. Longtime HIP advocate Alex Weinert, Chief Product Officer at Semperis and former VP of Identity Security at Microsoft, returns to the stage for his third consecutive year. "Identity is the new security perimeter, and as organizations modernize their infrastructure, they need to stay ahead of increasingly complex identity-based attacks," said Weinert. "HIP continues to be a go-to event for real-world strategies and community connections. We're proud to be leading this important global conversation." Unlike broader cybersecurity conferences, HIP Conf is purpose-built for practitioners managing and defending hybrid identity environments. The event fosters long-term collaboration, community, and real-world knowledge sharing that continues well beyond the conference. For more information and to register for HIP Conf 25, visit: About the Hybrid Identity Protection Conference Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. With radical transformation comes new business risks. The Hybrid Identity Protection Conference (HIP Conf) is the premier educational forum for identity-centric practitioners. Whatever the industry sector or job function, HIP strives to provide its community with the insights and relationships needed to enable and protect today's digitally driven organizations. Learn more about HIP Conf 25 via our social media feeds: X / LinkedIn / Facebook About Semperis Semperis protects critical enterprise identity services for security teams charged with defending hybrid and multi-cloud environments. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis' AI-powered technology protects more than 100 million identities from cyberattacks, data breaches and operational errors. As part of its mission to be a force for good, Semperis offers a variety of cyber community resources, including the award-winning Hybrid Identity Protection (HIP) Conference, HIP Podcast, and free identity security tools Purple Knight and Forest Druid. Semperis is a privately owned, international company headquartered in Hoboken, New Jersey, supporting the world's biggest brands and government agencies, with customers in more than 40 countries. Learn more: Follow us: Blog / LinkedIn / X / Facebook / YouTube Media Contact:Bill KeelerSenior Director, PR & Commsbillk@ View original content to download multimedia: SOURCE Semperis Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
08-05-2025
- Business
- Yahoo
Identity Strategy: Semperis CEO Mickey Bresman, Live at RSAC 2025
Tech Edge hosted a fireside chat on April 30 at RSAC 2025 in San Francisco with Mickey Bresman, Chief Executive Officer at Semperis. The in-person interview was joined by Editor-at-Large Jarrett Banks and they discussed what's next for the company after recently surpassing $100M ARR, the evolution of Semperis' mission of putting identity at the center of cyber resilience strategy, among other topics. Watch the interview below: This embedded content is not available in your region. About Mickey Bresman Mickey Bresman is CEO and co-founder of Semperis, a leading provider of enterprise, hybrid identity protection, threat research, and incident response services. Among the top three fastest-growing cybersecurity companies in the U.S., according to Inc. 5000, Semperis is widely recognized for offering the industry's most comprehensive hybrid directory protection technology and services. Semperis recently surpassed $100M in annual recurring revenue, a milestone that fewer than one in every 1,000 venture-backed enterprise software companies achieves. The company has been recognized by Deloitte's Technology Fast 500, Inc's Best Workplaces, and, recently, CRN's 2025 Security 100 list. Its Purple Knight community tool, a free assessment solution designed to identify vulnerabilities in Microsoft Active Directory, Entra ID, and Okta, has been endorsed by leading cyber agencies from the Five Eyes Nation, including the NSA and CISA. Beginning his technical career in the Navy, Mickey's comfort zone is on the front lines helping organizations thwart and respond to cyberattacks. The long-time cybersecurity expert and entrepreneur has an extensive track record of driving revenue growth and scaling organizations across the globe. Prior to founding Semperis, Mickey held the position of CTO at YouCC Technologies, a Microsoft Gold Partner integration company. About Semperis For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid identity environments—including Active Directory, Entra ID, and Okta—Semperis' AI-powered technology protects over 100 million identities from cyberattacks, data breaches and operational errors. The world's leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada and Israel. Semperis hosts the award-winning Hybrid Identity Protection conference and podcast series ( and built the community hybrid Active Directory cyber defender tools, Purple Knight ( and Forest Druid. The company has received the highest level of industry accolades, recently named to Inc. Magazine's list of best workplaces for 2024 and ranked the fastest-growing cybersecurity company in America by the Financial Times. Contact: Exec Edge Editor@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
