National Cyber Security Awareness Month (NCSAM) – Week 3 – Today’s Predictions for Tomorrows Internet

National Cyber Security Awareness Month (NCSAM) – Week 3 – Today’s Predictions for Tomorrows Internet

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The third week theme for National Cyber Security Awareness Month (NCSAM) is…

Read More Read More

File System Attacks – Insider Threat Podcast #9

File System Attacks – Insider Threat Podcast #9

In the ninth edition of the Insider Threat Podcast Jonathan Sander and I did a little role reversal. I played Zorak to Jonathan’s Space Ghost and was asking the questions – the topic this week is File System attacks. A topic that we have noticed not many struggle with, but one that we increasingly see as an attack vector. Jonathan has been researching these attacks recently and has been blogging about them in length. So we sat down to talk…

Read More Read More

National Cyber Security Awareness Month (NCSAM) – Week 2 – Cybersecurity in the Workplace Is Everyone’s Business

National Cyber Security Awareness Month (NCSAM) – Week 2 – Cybersecurity in the Workplace Is Everyone’s Business

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The second week theme for National Cyber Security Awareness Month (NCSAM) is…

Read More Read More

Attack Step 3: Persistence with NTFS Extended Attributes – File System Attacks

Attack Step 3: Persistence with NTFS Extended Attributes – File System Attacks

What Does Persistence Mean on a File System? In our first file system attack, we found places where we’re likely to get good data with the credentials we’ve been able to steal. Our second attack let us focus in on only the data that is worth the time to steal so we can lessen the chances of getting caught – or at least get the best stuff before we do. The final stage in these attacks is typically persistence. Finding…

Read More Read More

3 Key Takeaways from NetApp Insight 2017

3 Key Takeaways from NetApp Insight 2017

NetApp Insight, NetApp’s annual technical conference, brought together storage and data management professionals to discuss changing the world with data. In over 200 technical sessions and the Insight Central exhibit hall, organizations learned how NetApp’s Data Fabric can help them: Harness the power of the hybrid cloud Build a next-generation data center Modernize storage through data management The conference was almost canceled due to the tragic shooting in Las Vegas. However, NetApp and its partners and customers were committed to making…

Read More Read More

National Cyber Security Awareness Month (NCSAM) – Week 1 – Simple Steps to Online Safety

National Cyber Security Awareness Month (NCSAM) – Week 1 – Simple Steps to Online Safety

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The first week theme for National Cyber Security Awareness Month (NCSAM) is…

Read More Read More

Attack Step 2: Targeting Interesting Data – File System Attacks

Attack Step 2: Targeting Interesting Data – File System Attacks

Sifting Through The Sands In the last post, we looked at how to find file shares where data we may want to steal lives. We used both Python based and PowerShell based approaches to this. Now we’re going to take the next step and find actual files of interest. Even the smallest organization can have many thousands of files. The bad guys would drown in all that data if they didn’t have ways to narrow down what they’re looking for….

Read More Read More

STEALTHbits at Microsoft Ignite 2017 – Insider Threat Podcast #8

STEALTHbits at Microsoft Ignite 2017 – Insider Threat Podcast #8

In our eight edition of the Insider Threat Podcast, we spoke with the most senior member of the STEALTHbits team, Adam Laub. Adam had just been to the Microsoft Ignite conference, and brought us some insight into what the pulse of the show was. We brought our new focus on Threat Protection to the show in a big way. People’s reactions were very positive. We had more people stopping by and spending time with us than ever before. Of course,…

Read More Read More

Attack Step 1: Finding Where Data Lives – File System Attacks

Attack Step 1: Finding Where Data Lives – File System Attacks

Finding Where Interesting Information May Live We’re going to make some assumptions at the start of this attack. We will assume we already have full access to any credentials we need. Why? Because we’ve already shown you how you can grab any credential you might need all the way up to the highest level of administrative rights. The question you now need to ask is this: what can you do with those rights? Credentials are the means, but data is…

Read More Read More

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

There’s a lot of news coverage on threats like ransomware, malware, and phishing that are all about punching holes in organizations to grab quick spoils. But what isn’t getting a lot of coverage is the careful, patient planning attackers do once inside your Microsoft Active Directory (AD) environment. They fly under the radar scoping out your domain and amassing privileges so they can spread out, dig in, and access a smorgasbord of sensitive data. These meticulously executed—and ultimately more dangerous…

Read More Read More