What is a Ransomware Attack?

Million-dollar ransomware payouts, government protection, and ease of access will continue to fuel the growth of cybercrime. Imagine coming to work and turning on the computer only to see a message that says “repairing file system on C:” or “oops, your important files are encrypted” demanding a payment in bitcoin to decrypt them. When you read the headlines of six-figure ransomware payouts, you might begin to wonder how hacker groups are able to seek top developers who can build tools…

Best Practices for Storage Reclamation – Part 3 of 3

In parts 1 and 2 of this blog series, we introduced the key elements of a storage reclamation program and dove deeply into 5 key capabilities that would be needed. In this last blog, we pull all of the guidance together and wrap up the discussion.

Putting It All Together

With the five key capabilities addressed in the earlier blogs, any organization can be prepared to put together a comprehensive file cleanup workflow. While no two organizations are alike, a…

Best Practices for Storage Reclamation – Part 2 of 3

In part 1 of this series, we explained that there are 5 key capabilities needed for a successful file cleanup project, and discussed Capability 1 – File Discovery, and 2 – Sensitive data discovery. In this second blog we pick up the discussion with Capability 3 – Activity and File Usage.

Capability 3 – Activity and File Usage

Understanding who is actively using files on file servers can offer tremendous insight into how to approach a cleanup effort. By monitoring…

Microsoft LDAP Channel Binding and Signing Patch

Discovery Solution for Microsoft’s March 2020 Update

Lightweight Directory Access Protocol (LDAP) – How did we get here?

20 years ago, I embarked on the fantastical journey that was migrating from NT4 to Active Directory. This is also when I began learning the power of LDAP. While it was technically available, very few companies implemented secure LDAP in the early days. Most enterprise applications or internal applications took advantage of the directory (and in a wide variety of ways), but…

Best Practices for Storage Reclamation – Part 1 of 3

Data Access Governance (DAG) has many different types of use cases, with most falling into three main categories: data security, regulatory compliance, and operational efficiency.  There has been a lot written about security due to the increasing frequency of ransomware attacks, and a lot is being written about compliance, most recently around privacy – but we haven’t talked much about the operational efficiency use case. A good DAG program allows organizations to manage more data with fewer people and to…

What is SMBv1 and Why You Should Disable it

Eternally Affected

What is SMB?

Server Message Block (SMB) is a protocol used primarily for sharing files, printer services, and communication between computers on a network. The history of SMB is long, so I’ll try to keep this short and to the point.

SMBv1

Back in the 1980s and 1990s IBM and Microsoft were working on implementations of SMB to improve and build upon the protocol. Microsoft actually pushed to rename SMB to Common Internet File System (CIFS) and added…

Cleaning Up Unused Service Accounts – Part 2: Detecting Common Locations Where Service Accounts Are Used

In this post, I will continue the series on how to do a service account cleanup in Active Directory by going into detail on the common locations in a Windows OS where service accounts can be configured, and then showing how to collect these using PowerShell. This makes it easy to gather the data for later collation and helps with your company's documentation of service accounts.

Windows Services

One of the most common…

Improve the Efficiency and Automation of AD Object Rollback and Recovery in StealthRECOVER 1.5

Why is Active Directory (AD) so Important to Protect?

The health and operational integrity of AD has a direct impact on the overall security of your organization. The capability to rollback and recover from unwanted changes is a critical requirement for you to maintain the security and performance of your network. In fact – it’s never been more important. 90% of organizations use AD as their central hub of authentication and authorization. It literally holds the keys to the kingdom…

Constrained Delegation Abuse: Abusing Constrained Delegation to Achieve Elevated Access

Kerberos Delegation Recap

Previously, I gave an overview of all of the various types of Kerberos delegation, how they’re configured, and how they can potentially be abused. Prior to that, I wrote about abusing resource-based constrained delegation and Jeff Warren has written about abusing unconstrained delegation. To round out the Kerberos delegation topic, I wanted to write a quick blog on how constrained delegation can be abused to get elevated access to a specific configured service. If you’re not familiar…

Improve AD Security – Block Unauthorized Activities & Strengthen Passwords with StealthINTERCEPT 7.0

Nearly everyone uses Microsoft’s Active Directory (AD), over 90% in fact[1], to manage user accounts and provide authentication and access to the majority of organizational resources. Microsoft tells us that 95 million AD accounts are under attack every day[2]. The latest Verizon Data Breach Investigations Report states that 56% of breaches in 2018 took a month or longer to discover[3]. Being under constant attack, and taking months to discover it, is a recipe for disaster. Many organizations do some kind…
