SingHealth hack explained

Mon, 01/14/2019 - 11:46

On January 10th, 2019, the Committee of Inquiry (COI) published its public report detailing the now-infamous SingHealth hack incident.

This 453-page report is already a difficult read for most security practitioners and, as long and exhaustive as it looks, the most determined readers amongst us might still feel unsatisfied by its lack of details on some of the attack’s critical steps.

Emmanuel Gras
Co-founder & CEO
After graduating from Mines Paristech, Emmanuel spent 3 years at Orange, auditing core telco networks. He then joined ANSSI, the French national authority in the area of cyberdefense and network security (NIS). He designed large-scale audit tools for Microsoft Active Directory, and he now develops Alsid's products and solution packages.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

Alsid is expanding in Asia

Tags
Mon, 02/11/2019 - 14:57

Alsid is targeting the APJ region with the opening of a regional head office in Hong Kong as well as the launch of a technical delivery team in Malaysia to support new client contracts and regional partnerships.

Emmanuel Gras
Co-founder & CEO
After graduating from Mines Paristech, Emmanuel spent 3 years at Orange, auditing core telco networks. He then joined ANSSI, the French national authority in the area of cyberdefense and network security (NIS). He designed large-scale audit tools for Microsoft Active Directory, and he now develops Alsid's products and solution packages.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

SingHealth hack#2: a more in-depth dive

Thu, 01/31/2019 - 10:06

In a previous post, we have tried to tell, in layman’s words, the tale of the now-infamous SingHealth hack. Today we take this discussion a step further. 

Emmanuel Gras
Co-founder & CEO
After graduating from Mines Paristech, Emmanuel spent 3 years at Orange, auditing core telco networks. He then joined ANSSI, the French national authority in the area of cyberdefense and network security (NIS). He designed large-scale audit tools for Microsoft Active Directory, and he now develops Alsid's products and solution packages.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

Abusing S4U2Self: Another Sneaky Active Directory Persistence

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

Kerberos Resource-Based Constrained Delegation: a new control path

Sun, 01/27/2019 - 17:48

This article is part of a series that explore new ways to compromise an Active Directory. The series follows an outstanding paper published by Elad Shamir: “Wagging the Dog - Abusing Resource-Based Constrained Delegation to Attack Active Directory”.

Romain Coltel
Senior Security Researcher
Former senior security auditor specialized in red-teaming missions, Romain is now tackling Active Directory problems down to the core at Alsid. During his spare time Romain is teaching the well-received SANS SEC660 in France and maintains various security software such as Dislocker or the AES-XEX and XTS modes for the famous mbedTLS library.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

Forrester AD report  - A spotlight on a critical component of your business

Mon, 07/23/2018 - 10:00

Forrester recently published a research report titled The State Of Microsoft Active Directory 2018. We encourage everyone to read it, as it sheds a much-needed spotlight on the most critical component of every corporates in the world. We believe many of the trends described in the report will indeed shape the evolutions of Active Directory infrastructures and their usage.

Emmanuel Gras
Co-founder & CEO
After graduating from Mines Paristech, Emmanuel spent 3 years at Orange, auditing core telco networks. He then joined ANSSI, the French national authority in the area of cyberdefense and network security (NIS). He designed large-scale audit tools for Microsoft Active Directory, and he now develops Alsid's products and solution packages.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us

DCShadow explained: A technical deep dive into the latest AD attack technique

Mon, 01/29/2018 - 16:46

Update 19/02/2018 : Add a reference to Uncover-DCShadow, a proof of concept helping Blue teams to detect DCShadow attack.

Luc Delsalle
Co-founder & CTO
Luc spent 6 years at ANSSI, the French national agency in charge of Cyberdefense matters, where he led several large-scale incident response and multiple redteam security assessments. He is a security engineer specialized in Microsoft products security. When he is not designing Alsid's products, Luc teaches technical security courses in several engineering school in Paris. Nowadays, Luc is in charge of Alsid product roadmap.

Get in touch

Let's explore together how Alsid can improve your products and services

Contact us