Most ransomware attacks occur during weekends and holidays, times of distraction or disruption when the majority of SOCs are not adequately staffed. A new report from Semperis finds that 52 percent of surveyed organizations in the US, UK, France, Germany, Italy, Spain, Singapore, Canada, Australia and New Zealand were targeted at holidays or weekends. Alarmingly, 78 percent of companies cut security operation centre (SOC) staffing by 50 percent or more during holidays and w

A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft designated this as CVE-2025-58726 , an “SMB Server Elevation of Privilege” flaw impacting all Windows versions absent enforced SMB signing. According to Semperis, the issue persists in environments with default Active Directory (AD) configurations, underscoring Kerber

In the ever-evolving landscape of mobile technology, Google’s Quick Share is poised for a significant security upgrade. According to recent reports, the file-sharing feature could soon integrate with Android’s Advanced Protection Program, potentially revolutionizing how users safeguard their data during transfers. This development comes amid growing concerns over unauthorized access and file theft in an increasingly connected world. The rumor, first highlighted by Android Aut

If you ask Dr. Chase Cunningham whether we’re in a cyber war, he won’t hedge.“We’ve already had our cyber Pearl Harbor,” he told me. “It just didn’t happen in a single day.” That line lingered with me because it’s not hyperbole. Cunningham, one of the featured voices in Midnight in the War Room , knows what he’s talking about. The new documentary—produced by Semperis —offers an unfiltered look at the modern cyber battlefield and the people trying to hold the line. It’s raw,

Semperis has introduced Ready1 for Identity Crisis Management to support organisations in recovering from identity-based cyberattacks and resuming normal business operations. Ready1 brings together several of Semperis' existing offerings, including Active Directory Forest Recovery (ADFR), Disaster Recovery for Entra Tenant (DRET), and Identity Forensics and Incident Response (IFIR), alongside its enterprise crisis management system. The new product is aimed at enhancing opera

SafeBreach experts have disclosed details of a vulnerability in the Windows Remote Procedure Call (RPC) protocol, patched by Microsoft in the July 2025 update. The flaw, CVE-2025-49760 , allowed an attacker to conduct spoofing attacks and impersonate a legitimate server using the Windows storage mechanism. Ron Ben Yizak discussed the discovery at the DEF CON 33 conference. Read more.

Cohesity and Semperis Announce Groundbreaking Offering that Unifies Data and Identity Resilience Cohesity and Semperis today announced a new product, Cohesity Identity Resilience, powered by Semperis, to defend enterprises’ critical Identity infrastructure, including Microsoft Active Directory assets from cyberattacks. Now available for purchase from Cohesity, the solution is the strongest of its kind in the market, enabling companies to proactively harden defenses, recover r

A newly discovered attack method could allow hackers to crash public Windows domain controllers (DCs) worldwide and weaponize them for...

For likely the first time ever, security researchers from Safebreach have shown how AI can be hacked to create real-world havoc, allowing...

By sending a calendar invite with an embedded prompt injection, often hidden in the event title, attackers can potentially exfiltrate...

Ransomware actors are resorting to extreme measures to pressure victims into paying demands, including threats of physical harm to...

Korea Telecom (KT) , a major telecommunications provider, has initiated a collaboration with HEQA Security , a company specializing in...

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID , potentially enabling malicious actors...

S emperis has announced new detection capabilities in its Directory Services Protector platform in collaboration with Akamai to address...

“Semperis is honored to be recognised as the Ransomware Protection Business of the Year, particularly among such an esteemed group of...

A new survey of 1,000 businesses across the UK, UK, Europe and the Asia-Pacific region reveals a worrying disconnect between...

Gain Visibility Beyond the Breach Augment your breach and attack simulation (BAS) deployment with automated attack path validation...

Today, identity-related attacks—which target critical identity systems such as Microsoft Active Directory (AD), Entra ID, and...

SafeBreach, a breach and attack simulations company, has expanded its collaboration with Visa to leverage the company’s Threat...

80 percent of operators were targeted multiple times. More than half of cyber-attacks experienced by critical services disrupted...