Are Weak Passwords Putting You At Risk?

Are Weak Passwords Putting You At Risk?

Credentials and data: two common denominators that are present in almost every breach scenario. Unfortunately for all of us, attackers are well aware that you can’t have one without the other. Getting to the mother lode is simple, really. Step 1: Crack the password. Step 2: Obtain credentials. And that’s why an organization’s password requirements and policies should always be under intense scrutiny. But herein lies a problem. What if an organization has “complex” criteria in place, but the output…

Read More Read More

ProTip: Eliminating Weak Active Directory Passwords

ProTip: Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Read More Read More

Malware: ILOVEYOU Melissa & still you make me WannaCry

Malware: ILOVEYOU Melissa & still you make me WannaCry

Protect Your Unpatched Systems Against Malware What do the Melissa virus, ILOVEYOU worm and the WannaCry ransomware have in common? After patches were made available, they were still successfully spreading. Secondary storage also played a role in these infections. As malware evolved from nuisance to profit-driven, secondary storage became less of an infection vector and more of an opportunity to ransom data. I choose to highlight Melissa somewhat randomly, but mostly because it was 18 years ago and basic information…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.