The Danger of Access Risks with GDPR: The story of Artie Fact

How much personal data are your employees able to access? What you don’t know will surprise you…and could possibly hurt you. Imagine you’ve been with a company for 10, 20, even 30 years. How many roles have you had? How many applications have you worked with over that period? If you’re like many individuals, you will likely have switched jobs at least 2 times. Here’s the (fictitious) story of Artie. Artie Fact has been with HappyGoLucky (HGL) Global…

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Awareness is the first and most essential ingredient in any successful risk mitigation strategy. StealthAUDIT v8.1 has been enhanced to extend your awareness into high-risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target; Weak Password Identification – Identify Active Directory user accounts leveraging passwords contained in publicly available dictionaries and organizationally-defined…

StealthDEFEND – Insider Threat Podcast #11

In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Dan McLaughlin, Technical Product Manager. Dan and Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access Governance suite. Focused on file activity, important contextual elements like data sensitivity, and the actual attack methods leveraged…

Attacking Local Account Passwords

So far in this series, we’ve learned how attackers can target weak domain passwords in Active Directory.  To complete the story, we need to look beyond domain accounts and understand the ways to attack local accounts on Windows servers and desktops.  For this post, we will focus on the most important local account: Administrator.  The Administrator account is built into every Windows operating system and provides full control over the system, including the ability to compromise domain accounts through pass-the-hash…

2017 Cybersecurity Recap & 2018 Predictions

As we begin to wrap up 2017 and reflect back on the year, we looked at what the industry has accomplished and, in some cases, where we have fallen short. In the early part of this year, many industry thought leaders were stating that 2017 would again be the year of ransomware. They were all very correct in their statements, but this year has shown us much more: it has shown us the increasing need for cybersecurity insurance, data access…

The Year of Ransomware: 2017 Recap and 2018 Predictions

Many predicted that 2017 would be the year of ransomware, and that was indeed true. This past year the ransomware industry evolved, and the marketplace for ransomware software has grown by 2,502%. Ransomware sales on the dark web have increased from less than $400,000 in 2016 to approximately $6.25 million in 2017. But this year has shown us much more than just the prevalence of ransomware: it has shown us the increasing need for cybersecurity insurance,…

Attacking Weak Passwords in Active Directory

In our last post, we learned about password spraying and how effective it can be at compromising AD accounts with weak and commonly used passwords. Now let’s take a look at how an attacker could take this approach and put it into practice to compromise your domain. For that, we are going to use BloodHound, a very useful open-source application for penetration testing AD security and planning attack paths to compromise high-value accounts. We’ve covered BloodHound in our permission…

NetApp ONTAP v9.3 with Justin Parisi – Insider Threat Podcast #10

In our tenth edition of the Insider Threat Podcast, we were joined by NetApp Senior Technical Marketing Engineer, Justin Parisi. Justin is making the rounds ahead of the NetApp ONTAP version 9.3 release this week. Of course, we wanted to get the conversation focused on insider threats and other security topics. We managed to do just that. It seems ONTAP has a few good security-related tricks up its sleeve in version 9.3. We also talked about a common topic…

Finding Weak Passwords in Active Directory

So far in this series we’ve looked at how plain text passwords can be exposed within Active Directory, which represents a major vulnerability for most AD environments.  However, even if you have proper controls to prevent plain text passwords in your network, attackers can still get them pretty efficiently.  How do they do this?  They guess.  And you’d be surprised how well guessing works at cracking passwords. As we covered in the introductory post for this series, guessing can be…

National Cyber Security Awareness Month (NCSAM) – Week 5 – Protecting Critical Infrastructure From Cyber Threats

If you haven’t heard, October was National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by the U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team observed the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The fifth week’s theme for National Cyber Security Awareness Month (NCSAM) is “Protecting Critical Infrastructure…
