Identity Attack Watch: May 2021 Community Chats Webinars Library Identity Attack Watch: May 2021 Cyberattacks targeting Active Directory are on the upswing, putting pressure on AD, identity, and security teams to monitor the constantly shifting AD-focused threat landscape. To help IT pros better understand and guard against attacks involving AD, the Semperis Research Team offers this monthly roundup of recent cyberattacks that used AD to introduce or propagate malware. This month, the Semperis Research Team highlights identity-related cyberattacks, including a state-sponsored attack on a U.S. local government that exploited bugs in a Fortinet appliance; the Colonial Pipeline attack, which targeted Windows vulnerabilities; the MountLocker ransomware attack, which exploited Windows Active Directory APIs; and more.