Detecting Pass-the-Hash with Honeypots

Credential theft within Windows and Active Directory continues to be one of the most difficult security problems to solve.  This is made clear in the Verizon DBIR where it is reported that the use of stolen credentials is the #1 action identified across data breaches. Microsoft has acknowledged this challenge and responded with a guide on how to mitigate the Pass-the-Hash attack.  They have expanded on their recommendations and outlined steps to set up a tiered Active Directory environment and…

STEALTHbits Pro Tip – Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report

Since 2016 the Ponemon Institute has released a yearly report on the cost of insider threats, and this year’s report covered some statistics that may surprise you. Most people relate to incidents and breaches that originate from outside the organization. Practitioners, however, know that they cannot focus only on the outsider threat but must also consider the threat from insiders and how costly it can be. The Ponemon Institute was able to shine some much-needed light on the cost incurred by…

The State of Microsoft Active Directory – Report by Forrester

Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in the current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments of applications and services grow, AD in the cloud is growing with them. If you…

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included, believe that skills are not the only shortage we face. Many security challenges are becoming too complex to solve via traditional…

2018 Threat Hunting Report

67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some call an “insider threat,” others may call “internal security monitoring.” Definitions of what an insider threat is can range from internal…

3 Zero-Cost Tactics That Make it Difficult for Attackers to Move Laterally

Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts and subjects, there are three things…

Gain System Access and Persistence with SQL Native Attacks – SQL Attacks

What to Do with Your New SQL Kingdom In the last posts, we explored ways to gain access to MS SQL and to extract the data it contains. The fun thing with MS SQL, though, is that this is just the start. Every application has a certain amount of access to other resources. Databases generally have a lot of low-level access to the system since their whole purpose in life is to optimize access to data. That means augmenting some basic IO…

Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™

Transforming Active Directory Security Five years ago we introduced the StealthINTERCEPT product line, to address the growing requirement for a comprehensive Active Directory change and access monitoring solution. We know that Active Directory is safest when it is clean, properly configured, closely monitored, and tightly controlled – that is exactly what StealthINTERCEPT has been successfully doing for its users. The security implications of a well maintained and monitored AD environment have significantly increased in the years since we first released…
