3 Key Takeaways from NetApp Insight 2017

NetApp Insight, NetApp’s annual technical conference, brought together storage and data management professionals to discuss changing the world with data. In over 200 technical sessions and the Insight Central exhibit hall, organizations learned how NetApp’s Data Fabric can help them harness the power of the hybrid cloud, build a next-generation data center, and modernize storage through data management. The conference was almost canceled due to the tragic shooting in Las Vegas. However, NetApp and its partners and customers were committed to making…

National Cyber Security Awareness Month (NCSAM) – Week 1 – Simple Steps to Online Safety

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by the U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week, so stay tuned to catch all the NCSAM info coming your way. The first week’s theme for National Cyber Security Awareness Month (NCSAM) is…

Attack Step 2: Targeting Interesting Data – File System Attacks

Sifting Through The Sands

In the last post, we looked at how to find file shares where data we may want to steal lives. We used both Python-based and PowerShell-based approaches to this. Now we’re going to take the next step and find actual files of interest. Even the smallest organization can have many thousands of files. The bad guys would drown in all that data if they didn’t have ways to narrow down what they’re looking for. Let’s…

Attack Step 1: Finding Where Data Lives – File System Attacks

Finding Where Interesting Information May Live

We’re going to make some assumptions at the start of this attack. We will assume we already have full access to any credentials we need. Why? Because we’ve already shown you how you can grab any credential you might need all the way up to the highest level of administrative rights. The question you now need to ask is this: what can you do with those rights? Credentials are the means, but data is…

Learn How to Defeat Advanced Attacks against Active Directory at Microsoft Ignite 2017

There’s a lot of news coverage on threats like ransomware, malware, and phishing that are all about punching holes in organizations to grab quick spoils. But what isn’t getting a lot of coverage is the careful, patient planning attackers do once inside your Microsoft Active Directory (AD) environment. They fly under the radar scoping out your domain and amassing privileges so they can spread out, dig in, and access a smorgasbord of sensitive data. These meticulously executed—and ultimately more dangerous…

Data Mapping in the age of GDPR – Unknown Application Workflows

When the enemy is already inside

Security breaches are a fact of life. Employees click on links in phishing emails, web applications get compromised, weak passwords get guessed, and insiders misuse their privileges. As a matter of fact, internal actors play a role in every 4th breach according to the latest 2017 Data Breach Investigations Report from Verizon (http://www.verizonenterprise.com/verizon-insights-lab/dbir/). Once the enemy is within the external defenses, it is critical to protect the internal data and the business operations. Not…

STEALTHbits Introduces Automated Machine Learning to Data Access Governance at NetApp Insight

STEALTHbits CTO, Jonathan Sander, recently returned from a road trip across the U.S. where he met with several customers. One of them remarked that finding sensitive data across his organization was like trying to find Waldo in the children’s book series, Where’s Waldo. The customer went on to say, ‘Even if we find it, we don’t have a foolproof way of keeping our sensitive information safe.’ He’s not the only one facing this dilemma. Organizations that have successfully implemented a…

File System Attacks

Credentials Are the Means to Attack Data

If you’ve been reading the attack blog series until now, you’ve seen we have focused on attacks against Active Directory – like attacking core AD infrastructure, leveraging AD service accounts to attack, attacking AD with misconfigured permissions, and our series on Mimikatz attacks. Of course, AD is the hub for so much access to data in any organization that it may feel like those attacks actually compromise everything else. Today we’re kicking off…

The 180 Days Are Over: NYS DFS Cybersecurity Regulation – 23 NYCRR 500

The New York State Department of Financial Services (NYS DFS) announced 23 New York Code Rules and Regulations 500 (23 NYCRR 500), a cybersecurity regulation for all financial institutions doing business in New York. Today marks the end of the first major deadline for this regulation, 180 days after going into effect on March 1, 2017. By now, financial institutions doing business in New York should have a cybersecurity program, cybersecurity policies, a Chief Information Security Officer (CISO), access privileges,…

From Botnets to DACL Backdoors: A Journey through Modern Active Directory Attacks – Part I

Active Directory DACL Backdoors

In my last blog post, we examined Active Directory (AD) backdoors and how to defend against them. The botnets’ primary communication mechanism relied on abusing AD attributes. Once established, these botnets allow attackers to communicate across internal security controls, exfiltrate data—and most importantly—gain a foothold that is very difficult to detect and remove. All accomplished without one line of malicious code. Now that’s a real-life advanced persistent threat…only it isn’t as advanced as nation-state style…
