STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Credential theft within Windows and Active Directory continues to be one of the most difficult security problems to solve.  This is made clear in the Verizon DBIR where it is reported that the use of stolen credentials is the #1 action identified across data breaches. Microsoft has acknowledged this challenge and responded with a guide on how to mitigate the Pass-the-Hash attack.  They have expand...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • The May 25th EU GDPR deadline might have been less than 2 months ago, but it’s clear that the ripples from the groundbreaking act have already begun to make their way “across the pond” into the United States. This was evident just last month when The Golden State unveiled their “California Consumer Privacy Act” which sets restrictions on how organizations harvest and use data, and perhaps kicking ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Halfway through the year, 2018 has seen an increase of insider threats that continue to highlight how privileged access is easily abused for a variety of nefarious activities. Telsa, the electronic car manufacturer, was hit by an insider that used their access to sabotage systems and give away trade secrets. A Punjab National Bank employee gained access to sensitive passwords to the SWIFT interban...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • User access and permissions to data are excessive – especially within network file share infrastructure – due in large part to the highly complex and/or error-prone processes administrators have been forced to navigate over the years.  Adding insult to injury, the location of sensitive data within shared file systems is largely unknown in most organizations, which is a problem given this type of d...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • The release of the highly anticipated STEALTHbits Activity Monitor 3.0 brings some new and innovate features and functionality, which users will appreciate. The addition of SharePoint activity support will instantly add value to existing SharePoint solutions through the receiving of activity information in StealthAUDIT reports along with the ability to send real-time SharePoint events over to a SI...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • The STEALTHbits team remains keenly focused on delivering world-class activity monitoring and threat analytics solutions to our customers, which is why we are proud to announce the release of STEALTHbits Activity Monitor 3.0 and StealthINTERCEPT 5.1. Both of these releases come with several key updates and expanded platform support. STEALTHbits Activity Monitor 3.0 The STEALTHbits Activity Monitor...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Since 2016 the Ponemon Institute has released a yearly report on the cost of insider threats, and this year’s report covered some statistics that may surprise you. Most people relate to incidents and breaches that originate from outside the organization. Practitioners, however know that they cannot focus only on the outsider threat but also the threat from insiders and how costly it can be. The Po...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Now that EU GDPR has arrived, it is important to understand how to configure groups of criteria to the compliance standards your organization is concerned about most. StealthAUDIT’s Sensitive Data Discovery allows you to identify file content that matches your set criteria. This can be done for keywords or regular expressions, as well as groups of any of those criteria sets. The configuration for ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • If you find yourself among the minority that is “ready” I congratulate you, as data privacy will no longer stand still for any of us. And those who find themselves among the majority that is not ready, this is a good time to practice the principle of priority. The post GDPR–A Crash Course appeared first on The Insider Threat Security Blog.

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • I’m writing this sitting in Germany, having spent one week meeting with customers from the UK, Switzerland, and other places and about to spend another at the Kuppinger Cole EIC Conference. The conference agenda is loaded up with EU GDPR topics, and there will be more to say about that in another post. It was very interesting last week to hear from customers, prospects, and partners where their GD...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • The latest release of StealthDEFEND 1.1 brings us a new highly anticipated feature, Investigations. This brings a new custom experience to the threats and alerts you see in the product by allowing you to define your own threats by specifying the: who, what, where, and when. By navigating to the “Investigate” page in the menu, you are presented with the file activity events for the current day alon...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti says, “Whether it is dealing with new cyber-attacks or changes in technology that makes things obsolete at a very fast pace, the ability to have conversations around that (risk) both from a business-process owner standpoint and from an auditor standpoint is a leading standard by which we would expect organizat...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance.  Frustratingly, but not surprisingly, the quantity of attack methods to choose from and the frequency of attack prevalence have only risen over the...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda. Of course, there is always our session at 3:10 p.m. PDT on...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that sk...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • 67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • StealthINTERCEPT provides great threat hunting capabilities, so naturally, the health of our systems is paramount.  StealthINTERCEPT Health Alerts give us the information we need to ensure we keep getting the data we care about. Agent connectivity is my main concern, although SI Agents will cache a fair amount of events, I want to get them communicating again ASAP to prevent any delay in my securi...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In this series, we’ve learned about DCShadow and covered attack scenarios to demonstrate how this can be used for an attacker to create persistence as well as elevate privileges across forests.  Now that we know the risks involved with DCShadow, let’s cover what you can do to detect this in your environment. First, let’s recap the basics: The purpose of DCShadow is to make changes that will not be...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • So far we’ve covered how DCShadow works as well as ways this can enable attackers to create persistence within a domain without detection once they’ve obtained admin credentials.  DCShadow can enable attack scenarios beyond just creating persistence, and can actually be used to elevate access for an attacker. How can a Domain Admin elevate their access even higher? By obtaining admin rights in oth...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Something I say in customer meetings a lot is that unstructured data isn’t glamorous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Now that we understand the basics of the DCShadow feature, let’s look at some ways in which attackers can leverage DCShadow in a real world attack scenario.  As we learned, DCShadow requires elevated rights such as Domain Admin, so you can assume an attacker leveraging this already has complete control of your environment.  So why would an attacker want to or need to use DCShadow? One real world s...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • With our focus on SQL Attacks this month, I naturally think about what data is being attacked as well.  StealthAUDIT’s SQL Solution Set can show us a lot of valuable information but collects even more than what immediately shows. StealthAUDIT Data Views are my go-to tool when I want advanced manipulation of data for an export.  Some of these are immediately available, and others must be “turned on...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • If you’re familiar with Mimikatz, you’ve already seen some of the ways it exposes weaknesses in Active Directory security (if you’re not, read up!).  Recently, a new feature was added to Mimikatz titled DCShadow and was presented by its authors Benjamin Delpy and Vincent LeToux at the Bluehat IL 2018 conference. DCShadow enables Mimikatz to make changes to Active Directory by simulating a domain c...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

By signing up, you agree to the Terms of Service and Privacy Policy.

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in

By signing up, you agree to the Terms of Service and Privacy Policy.