STEALTHbits Technologies
Blog Article

New blog articles detected.

  • Persistence using AdminSDHolder and SDProp
    AD Permissions Attack #3: Persistence using AdminSDHolder and SDProp Now that we’ve compromised privileged credentials by exploiting weak permissions, it’s time to make sure we don’t lose our foothold in the domain. That way, even if the accounts we’ve compromised are deleted, disabled, or have their passwords reset we can easily regain Domain Admin rights. To do so, we will be exploiting some of ...
  • Gain Visibility into the Most Important Activity on Your Network with File Activity Monitoring
    File Activity Monitoring With Russia’s suspected hacking of the U.S. elections still in the news, our office conversation turned to the topic of Edward Snowden. One of our executives commented that even with the billions the government spent on cybersecurity—including technologies like User and Entity Behavior Analytics (UEBA)—officials still don’t know exactly what information Snowden took. I men...
  • Podcast: How to Stop Active Directory Attacks
    We have just done the first episode of our Insider Threat podcast, and it was a little scary. I’m no stranger to doing a show; so that wasn’t scary. What was frightening is how easily the bad guys can exploit our Active Directory and Microsoft platforms. I sat down with Jeff Warren, who wrote our recent blog series, 4 Active Directory Attacks and How to Prevent Them, and asked him how difficult it...
Youtube Video

New YouTube videos detected.

  • Active Directory Attacks - Insider Threat Podcast #1
    Cybersecurity veteran Jeff Warren speaks with host Jonathan Sander about the 4 Active Directory attacks almost every organization is vulnerable to and gives immediate steps to help you protect your Active Directory. Click on these links for the full blog series and webinar: https://blog.stealthbits.com/how-to-protect-against-active-directory-attacks http://go.stealthbits.com/on-demand-webinar-4...
Blog Article

New blog articles detected.

  • Attacking Active Directory Permissions with BloodHound
    AD Permissions Attack #2: Attacking Permissions with BloodHound So far in this series, we’ve explored the importance of Active Directory permissions and just how easy it is for attackers to discover vulnerable permissions. Unless an organization has left Domain Admin permissions wide open, perpetrating an attack against Active Directory permissions can get rather complex. A successful attack again...
  • Active Directory Attacks – Insider Threat Podcast #1
    The recent flare up around EternalBlue and other SMB attacks has put the spotlight back on Microsoft security vulnerabilities. In this podcast, cybersecurity veteran Jeff Warren speaks with host Jonathan Sander about four Active Directory attacks almost every organization can fall prey to—and how with tools like BloodHound, PowerShell, and Mimikatz, even newbie attackers can quickly escalate privi...
  • Malware: ILOVEYOU Melissa & still you make me WannaCry
    Protect Your Unpatched Systems Against Malware What do the Melissa virus, ILOVEYOU worm and the WannaCry ransomware have in common? After patches were made available, they were still successfully spreading. Secondary storage also played a role in these infections. As malware evolved from nuisance to profit-driven, secondary storage became less of an infection vector and more of an opportunity to r...
  • Exploiting Weak Active Directory Permissions with PowerSploit
    AD Permissions Attack #1: Exploiting Weak Permissions with PowerSploit In the introductory post, we outlined some reasons why attackers may target AD permissions. In this post, we are going to look at specific ways to search for weak permissions. This attack can be perpetrated without any privileges in an environment, so finding these weaknesses is very quick and effective. We will be using a Powe...
  • 4 Attacks that Exploit Active Directory Permissions and How to Protect Against Them
    Introduction: Active Directory Permissions Attacks In previous blog series, we have written about attacks against Active Directory (AD) administrative rights and service accounts. These topics have led to several discussions with coworkers and employees about other ways to penetrate and attack Active Directory environments. Throughout these conversations, one topic was repeatedly overlooked: Activ...
Youtube Video

New YouTube videos detected.

  • Achieving Least Privileged Access with Automated Resource-Based Groups
    Implementing a resource-based group provisioning workflow, automating the least-privileged access model, is a key step to achieving Data Access Governance (DAG). The greatest advancement in DAG is the release of StealthAUDIT 8.0. With the focus on automating controls, advanced Active Directory (AD) visibility, and expanded interoperability, customers can now implement an effective and scalable DA...
Blog Article

New blog articles detected.

  • 5 Essential Steps to EU GDPR – Part 5: GDPR The Ticking Time Bomb
    At the time of writing this blog, there are 378 days, 8 hours until the GDPR comes into force. That’s 54 weeks or approximately 270 weekdays, not considering public holidays. Surely plenty of time to get everything in place and ensure your business is compliant. Right? Wrong! Let me back this up by putting some context around the various elements discussed in the previous blogs in this series. The...
  • Complete Domain Compromise with Golden Tickets
    Service Account Attack #4: Golden Tickets In this blog series, we’ve focused on ways to find and compromise Active Directory service accounts. So far, this has led us to compromise accounts which grant us limited access to the services they secure. In this final post, we are going to explore the most powerful service account in any Active Directory environment: the KRBTGT account. By obtaining the...
  • Lucky 13: WannaCry Ransomware and EU GDPR
    WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in this post though. If you’re interested in my technical breakdown, yo...
  • Impersonating Service Accounts with Silver Tickets
    Service Account Attack #3: Silver Tickets So far in this blog series, our first post showed us how to discover Active Directory service accounts and our second post explored how to crack their passwords using Kerberoasting. Now that we have compromised at least one service account and extracted its password, this post will explore how to further exploit that account using Silver Tickets. Silver Ti...
  • What you need to know about the WannaCry Ransomware
    WannaCry / Wcry / WannaCrypt Ransomware A large-scale cyber attack (WannaCry ransomware) that began on May 13th has already infected over 230,000 computers in 99 countries, demanding ransom payments in 28 languages – these numbers continue to grow and given the patch for the vulnerability being exploited is only two months old, we are likely to see these numbers increase. The perpetrators of the a...
  • Amazon Echoes, Fitbits, and Fuzzy Handcuffs – Another Reflection on the Internet of Things
    I’m Going to Start This Blog out With a Story The other weekend my roommate and I had some company over to our apartment. It was like any other Friday night – friends chatting, music playing, and a few adult beverages being passed around. However, as we were leaving to go out to the bars, one of our guests decided it would be hilariously funny to play a little prank. Unbeknownst to me, he used the...
  • StealthAUDIT 8.0: Active Directory Permissions Analyzer
    Active Directory Permissions The release of StealthAUDIT 8.0 delivers enhanced Active Directory (AD) Permissions analysis capabilities. This is welcome news to the over 90% of organizations that use Active Directory to control who can access their network and resources. I say welcome because there are so many different ways to grant privileged access to AD and no easy way to see all these permissi...
  • STEALTHbits ProTip: 3 Steps to Control Local Administrator Access
    Controlling Local Administrator Access Local administrative access is necessary for IT staff to perform tasks like installing software and fixing server and desktop issues. Often users outside IT also end up with local admin rights so they too can install software on their own machines or make other configuration changes. However, many organizations lack processes for monitoring and maintaining th...
  • Automate Least Privilege Access with Resource-Based Groups
    The success of any Data Access Governance program starts with implementing a resource-based groups provisioning workflow by automating the least privilege access model. StealthAUDIT 8.0 automates the application of least privilege access control across file systems in bulk and at scale. By converting existing access control lists to a resource-based group security model and revoking excessive priv...
  • Top 10 Ways to Identify and Detect Privileged Users by Randy Franklin Smith
    Privileged users are the penultimate goal of cyberattacks. Once attackers have privileged access, it’s only a small step to the information they want to steal. Cybercriminals leverage tools such as malware and phishing scams to gain a foothold within your organization, looking for ways to access and utilize credentials. In “wash, rinse, repeat” fashion, attackers patiently claw and scrape their wa...
  • 4 Steps to Ensure NYCRR 500 Compliance
    On March 1st, 2017, the New York State Department of Financial Services put into effect new cybersecurity requirements of its ‘covered entities’. Those entities include banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. Within the next 180 days (starting from March 1s...
  • Extracting Service Account Passwords with Kerberoasting
    Service Account Attack #2: Extracting Service Account Passwords In our first post, we explored how an attacker can perform reconnaissance to discover service accounts within an Active Directory (AD) domain. Now that we know how to find service accounts, let’s look at how an attacker can compromise those accounts and use them to exploit their privileges. In this post, we will explore one such metho...
  • 5 Essential Steps to EU GDPR – Part 4: STEALTHbits Technologies, a logical fit for EU GDPR
    In part three we discussed how no one person, organisation or vendor has ‘the’ silver bullet to GDPR compliance. What you need is an array of tools and people to address the many challenges ahead. Saying that not all technical solutions are equal in their value to a GDPR project. Given GDPR is a Data Governance project (as discussed in part two), it makes sense to leverage both technology and peo...
  • File System Auditing
    File System Auditing Adequately and efficiently capturing file system access and change activities can dramatically increase an organization’s ability to detect insider threats, prevent data breaches, and mitigate the damage that can be done by advanced threats like crypto ransomware. Native file system auditing functions within file repositories like Windows file servers and NAS devices like NetA...
  • 5 Essential Steps to EU GDPR – Part 3: Engage the Right People
    This is arguably the most important element in achieving GDPR compliance. No organisation can do everything independently. Even software vendors must engage with outside agencies on this one. We’re going to discuss ‘the right people’ as two categories; Internal and External. If ever there was an all hands requirement in a project, this is it. Internal Because GDPR is a compliance regulation, it’s ...
  • StealthAUDIT 8.0 is Here!
    This release marks a major breakthrough in data-centric security with several significant enhancements to our interoperable governance platform. Implementing a consistent least-privilege access model has never been easier! StealthAUDIT 8.0 automates the application of least privilege access control across file systems in bulk and at scale. By converting existing access control lists to a resource-...
  • Discovering Service Accounts without Using Privileges
    Service Account Attack #1: LDAP Reconnaissance with PowerShell In the introductory post, we outlined what a service account is and how these accounts relate to other privileged accounts within an Active Directory environment. There could be many reasons to discover where service accounts are and how they are being used. In this post, we will approach this discovery through the mindset of an attack...
  • 4 Service Accounts Attacks and How to Protect Against Them
    Introduction: Service Accounts Attacks Whether you realize it or not, service accounts represent a major risk to your data security. I’ve had many customers inquire about how to protect service accounts within their Active Directory environments. Through these conversations, I’ve learned that organizations want to understand the fundamentals of service accounts, and how attackers can exploit these...
