Browsed by
Category: Uncategorized

The Danger of Access Risks with GDPR: The story of Artie Fact

The Danger of Access Risks with GDPR: The story of Artie Fact

How much personal data are your employees able to access? What you don’t know will surprise you…and could possibly hurt you. Imagine you’ve been with a company for 10, 20, even 30 years. How many roles have you had? How many applications have you worked with over that period? If you’re like many individuals, you will likely have switched jobs at least 2 or more times. Here’s the (fictitious) story of Artie.  Artie Fact has been with HappyGoLucky (HGL) Global…

Read More Read More

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Awareness is the first and most essential ingredient in any successful risk mitigation strategy.  StealthAUDIT v8.1 has been enhanced to extend your awareness into high risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target Weak Password Identification – Identify Active Directory user accounts leveraging passwords contained in publically available dictionaries and organizationally-defined…

Read More Read More

Attacking Local Account Passwords

Attacking Local Account Passwords

So far in this series, we’ve learned how attackers can target weak domain passwords in Active Directory.  To complete the story, we need to look beyond domain accounts and understand the ways to attack local accounts on Windows servers and desktops.  For this post, we will focus on the most important local account: Administrator.  The Administrator account is built into every Windows operating system and provides full control over the system, including the ability to compromise domain accounts through pass-the-hash…

Read More Read More

Attacking Weak Passwords in Active Directory

Attacking Weak Passwords in Active Directory

In our last post, we learned about password spraying and how effective this can be to compromise AD accounts with weak and commonly used passwords.  Now let’s take a look at how an attacker could take this approach and put it into practice to compromise your domain.  For that, we are going to use BloodHound, a very useful open-source application for penetration testing AD security and planning attack paths to compromise high value accounts.  We’ve covered BloodHound in our permission…

Read More Read More

National Cyber Security Awareness Month (NCSAM) – Week 5 – Protecting Critical Infrastructure From Cyber Threats

National Cyber Security Awareness Month (NCSAM) – Week 5 – Protecting Critical Infrastructure From Cyber Threats

If you haven’t heard, October was National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team observed the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The fifth week theme for National Cyber Security Awareness Month (NCSAM) is “Protecting Critical Infrastructure…

Read More Read More

How STEALTHbits Helps with ITAR IT Compliance

How STEALTHbits Helps with ITAR IT Compliance

What is ITAR Compliance? The International Traffic in Arms Regulations (ITAR) is a United States regulatory compliance standard that restricts and controls the export of defense and military related technologies to safeguard U.S. national security. The U.S. Government requires all manufacturers, exporters, and brokers of defense articles, defense services or related technical data to be ITAR compliant. What are ITAR Requirements? For a company involved in the manufacture, sale or distribution of goods or services covered under the United States…

Read More Read More

Down the Bad Rabbit Hole

Down the Bad Rabbit Hole

Update 2017-10-27 1:30pm EDT: Multiple researchers are reporting an exploit in the BadRabbit sample that is largely based on the EternalRomance exploit published in the ShadowBrokers leak. On October 24, 2017, STEALTHbits was alerted to a ransomware campaign spreading across Eastern Europe and Russia. There are reports that the infection is leveraging the EternalBlue, the exploit generally believed to be developed by the U.S. National Security Agency (NSA), however there is no evidence to support those claims. Bad Rabbit does…

Read More Read More

National Cyber Security Awareness Month (NCSAM) – Week 3 – Today’s Predictions for Tomorrows Internet

National Cyber Security Awareness Month (NCSAM) – Week 3 – Today’s Predictions for Tomorrows Internet

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The third week theme for National Cyber Security Awareness Month (NCSAM) is…

Read More Read More

File System Attacks – Insider Threat Podcast #9

File System Attacks – Insider Threat Podcast #9

In the ninth edition of the Insider Threat Podcast, Jonathan Sander and I did a little role reversal. I played Zorak to Jonathan’s Space Ghost and was asking the questions – the topic this week is File System attacks. A topic that we have noticed not many struggles with, but one that we increasingly see as an attack vector. Jonathan has been researching these attacks recently and has been blogging about them in length. So we sat down to talk…

Read More Read More

National Cyber Security Awareness Month (NCSAM) – Week 2 – Cybersecurity in the Workplace Is Everyone’s Business

National Cyber Security Awareness Month (NCSAM) – Week 2 – Cybersecurity in the Workplace Is Everyone’s Business

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The second week theme for National Cyber Security Awareness Month (NCSAM) is…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.