Prioritizing Data Access Governance Initiatives Through Discovery

Prioritizing Data Access Governance Initiatives Through Discovery

Organizations are starting to shift their focus to establish a core set of principles around protecting their data, and they need a blueprint to help them get started. This series serves as the blueprint that will help your organization chart a course to proper data security. The first step in establishing a Data Access Governance program is Discovery.

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Those of you that are familiar with STEALTHbits know that protecting credentials is in our DNA – there is no separating credential protection from a sane data protection strategy. The operative word being “sane”. Earlier this year we introduced the first iteration of our Enterprise Password Enforcer, a password policy enforcement tool for Active Directory. In the first release, we focused on creating a solution that was transparent and operationally friendly. It did not require reboots when updating policies or…

Read More Read More

Deploying Pass-the-Hash Honeypots

Deploying Pass-the-Hash Honeypots

So far in this series, we’ve learned about the HoneyHash, a useful honeypot technique for detecting Pass-the-Hash and credential theft within a Windows environment.  We then looked into how to monitor for an attacker triggering the honeypot, and how to gather the necessary forensic details to investigate the attack.  Now let’s look at what you need to do to roll out the honeypot across multiple endpoints in your environment. There are some basic challenges we need to consider.  First, we…

Read More Read More

Implementing Detections for the Honeyhash

Implementing Detections for the Honeyhash

In our first post of this series, we explored the Honeyhash, and how it can be used to create a honeypot to catch attackers performing credential theft and pass-the-hash attacks.  Now that our trap is set, we need to make sure we can catch any attacker in the act who may fall for it. The concept of detection for the Honeyhash is simple.  We put a fake account in memory on a system, so let’s see if anybody tries to…

Read More Read More

Detecting Pass-the-Hash with Honeypots

Detecting Pass-the-Hash with Honeypots

Credential theft within Windows and Active Directory continues to be one of the most difficult security problems to solve.  This is made clear in the Verizon DBIR where it is reported that the use of stolen credentials is the #1 action identified across data breaches. Microsoft has acknowledged this challenge and responded with a guide on how to mitigate the Pass-the-Hash attack.  They have expanded on their recommendations and outlined steps to set up a tiered Active Directory environment and…

Read More Read More

EU GDPR: Paving the Way for New Privacy Laws?

EU GDPR: Paving the Way for New Privacy Laws?

The May 25th EU GDPR deadline might have been less than 2 months ago, but it’s clear that the ripples from the groundbreaking act have already begun to make their way “across the pond” into the United States. This was evident just last month when The Golden State unveiled their “California Consumer Privacy Act” which sets restrictions on how organizations harvest and use data, and perhaps kicking off the beginning of the aptly named “Privacy Movement.” In what could end up…

Read More Read More

Market Trends: Privileged Access and Insider Threats

Market Trends: Privileged Access and Insider Threats

Halfway through the year, 2018 has seen an increase of insider threats that continue to highlight how privileged access is easily abused for a variety of nefarious activities. Telsa, the electronic car manufacturer, was hit by an insider that used their access to sabotage systems and give away trade secrets. A Punjab National Bank employee gained access to sensitive passwords to the SWIFT interbank transaction system. And in a further abuse of user’s privacy and trust, a member of Facebook’s…

Read More Read More

Moving from Checkbox Compliance to True Data Security

Moving from Checkbox Compliance to True Data Security

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

STEALTHbits Pro Tip – Eliminating Weak Active Directory Passwords

STEALTHbits Pro Tip – Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.