July 2025
Can't-miss highlights this month
- 🚨New research alert: Golden dMSA is the latest threat worrying Active Directory defenders. The attack exploits a critical design flaw in delegated Managed Service Accounts introduced in Windows Server 2025.
- The newly released Purple Knight Report reveals persistent security gaps in hybrid Active Directory and Entra ID environments. Surveyed organizations got an average score of 61% on the first scan. That's a nearly failing grade. Download the report to find out where organizations are struggling most to secure AD and Entra ID—and how Purple Knight can help speed remediation.
Get ahead of BadSuccessor
Learn with Semperis
From tech insights to cyber defense strategies. Bookmark our Events page for up-to-date info on opportunities to connect with our experts, including these sessions at Black Hat USA, August 7:
- Join Chris Inglis, former U.S. National Cyber Director and Semperis Strategic Advisor, for a rare, unfiltered keynote, From Slide Rules to GenAI: Musings of a Graybeard Public Servant on What’s Changing, What’s Not, and What Should.
- Semperis' Eric Woodruff, CIDPRO and Tomer Nahum will unveil techniques behind stealthy Golden SAML attacks, AD FS-specific forgeries, and new research targeting identity provider weaknesses in a live Arsenal demo. SAMLSmith is the latest weapon for SAML response forging—built for offensive scenarios and precision attacks against SaaS integrations.
- Semperis researchers' Tomer Nahum and Jonathan Elkabas will debut EntraGoat, a deliberately vulnerable Entra ID environment designed for Red Teams, researchers, and defenders alike.
Coming to Black Hat USA: The Operation Blindspot Tour, Black Hat Edition
Blindspots. Even the most secure environments have them. And attackers know how to exploit them. Cybersecurity legend Marcus Hutchins, the researcher who stopped the 2017 WannaCry ransomware outbreak, will headline this high-stakes, cyber crisis simulation.
Gaps will be exposed, assumptions will be shattered, and your response will determine the outcome. Request your seat at the table.
Join the #ForceForGood
Interested in helping #TeamSemperis protect some of the world’s largest, most complex hybrid Active Directory environments? Explore our open roles.