by Darren Mar-Elia | Jan 31, 2023 | Security-related
You may have caught the recent article about a new malware variant, called SwiftSlicer–attributed to a Russian APT group–that is making its way around Active Directory environments. There’s not a ton of details about how this malware is delivered,...
by Darren Mar-Elia | Oct 15, 2019 | Security-related
One of the advantages of messing around with Group Policy since before it shipped, is that there is a lot of stuff rattling around in my head that I’ve been re-thinking in the context of today’s modern threat landscape. This allows me to think about...
by Darren Mar-Elia | Feb 22, 2019 | Security-related
If you’ve been following this blog, you know that about 2 and half years ago, I started talking about Group Policy’s precarious role in the typical enterprise’s security posture. Many, if not most, AD shops use GP to perform security hardening on...
by Darren Mar-Elia | Feb 13, 2019 | Conferences
Hey folks! Just a quick note that I’m giving a talk next month in Chicago. This is a follow-on to the Semperis Hybrid Identity Protection (HIP) Conference that I spoke at last November. This Chicago “Tech Day” event is a one-day event on March 13th...
by Darren Mar-Elia | Jun 12, 2018 | Security-related
I was motivated to write this post based on a vendor blog that I read recently, that talked about ways to maliciously perform what amounted to a denial of service attack on AD. Ostensibly the post was designed to sell software, which I don’t begrudge, but it got...
