3 Zero-Cost Tactics That Make it Difficult for Attackers to Move Laterally

3 Zero-Cost Tactics That Make it Difficult for Attackers to Move Laterally

Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts and subjects, there are three things…

Read More Read More

A Tale of One City – Data Privacy Day

A Tale of One City – Data Privacy Day

Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well, privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra of everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy-focused regulations and they both…

Read More Read More

Gain System Access and Persistence with SQL Native Attacks – SQL Attacks

Gain System Access and Persistence with SQL Native Attacks – SQL Attacks

What to Do with Your New SQL Kingdom In the last posts, we explored ways to gain access to MS SQL and to extract the data it contains. The fun thing with MS SQL, though, is that is just the start. Every application has a certain amount of access to other resources. Databases generally have a lot of low-level access to system since their whole purpose in life is to optimize access to data. That means augmenting some basic IO…

Read More Read More

STEALTHbits ProTip: Advanced StealthINTERCEPT Alerting

STEALTHbits ProTip: Advanced StealthINTERCEPT Alerting

  With each iteration, StealthINTERCEPT shows more value to our customers.  StealthINTERCEPT 5.0’s AD Security focused data means alerting will become even more essential, and those alerts should contain what’s important to you.  Let’s take a moment to learn how your organization can configure and benefit from StealthINTERCEPT 5.0 Notifications. First, navigate to the Alerts section found under Configuration > Alerts:   Once in the System Alerts section, click on the Email tab and toggle the slider in the top…

Read More Read More

Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™

Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™

Transforming Active Directory Security Five years ago we introduced the StealthINTERCEPT product line, to address the growing requirement for a comprehensive Active Directory change and access monitoring solution. We know that Active Directory is safest when it is clean, properly configured, closely monitored, and tightly controlled – that is exactly what StealthINTERCEPT has been successfully doing for its users. The security implications of a well maintained and monitored AD environment have significantly increased in the years since we first released…

Read More Read More

Compromise with PowerUpSQL – SQL Attacks

Compromise with PowerUpSQL – SQL Attacks

Completely Owning MS SQL Server If what you’re after is a toolkit to own Microsoft SQL Server from end to end, then what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise, elevate, target, and own just about any SQL system. It’s the whole kill chain in one tool. Just as I could have run all the initial discovery and compromise through metasploit but chose to break it up, I…

Read More Read More

Finding Microsoft SQL Server Targets – SQL Attacks

Finding Microsoft SQL Server Targets – SQL Attacks

After all the posts about attacking different parts of IT infrastructure, it seems impossible that we have never used nmap as a tool before. Nmap is one of the most reliable and well-known tools of the trade for attackers. More than that, it is used by security pros and IT admins for a huge number of tasks. In their own words, the makers of nmap say it is a “utility for network discovery and security auditing.” I think that sells…

Read More Read More

Attacking Microsoft SQL Server Databases

Attacking Microsoft SQL Server Databases

In the business of selling security solutions, not too long ago the phrase “defense in depth” dominated the messages. It was meant to evoke an image of defending each layer of the IT infrastructure with uniquely suited solutions. Now everyone recognizes that the notions about perimeter defenses are flawed. Real security is built in to everything, not wrapped around it. However, there are many corners of the IT stack that seem to still behave as if security is going to…

Read More Read More

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

In our thirteenth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Gabriel Gumbs, VP of Product Strategy. We discussed our 2017 Cybersecurity Recap & 2018 Predictions Report, and tried to focus on the prediction part of things since we are at the start of the new year. After a quick look over the shoulder at the trends we spotted in 2017, we move right through…

Read More Read More

STEALTHbits ProTip: Role Based Access for Web Reporting in StealthAUDIT v8.1

STEALTHbits ProTip: Role Based Access for Web Reporting in StealthAUDIT v8.1

This time of year is typically a time of giving, and I am here to give the gift of report security!  StealthAUDIT v8.1 has new data to discover, and new report management to keep that data secure. Version 8.1 of StealthAUDIT now equips users with Role Based Access (RBA) to control who has access to reports from the Web Console.  This is a great way to isolate reports to only the users who should be able to see the sensitive…

Read More Read More