STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Completely Owning MS SQL Server If what you’re after is a toolkit to own Microsoft SQL Server from end to end, then what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise, elevate, target, and own just about any SQL system. It’s the whole kill chain in one tool. Just as I could have run all the initial discovery and comprom...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • After all the posts about attacking different parts of IT infrastructure, it seems impossible that we have never used nmap as a tool before. Nmap is one of the most reliable and well-known tools of the trade for attackers. More than that, it is used by security pros and IT admins for a huge number of tasks. In their own words, the makers of nmap say it is a “utility for network discovery and secur...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our thirteenth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Gabriel Gumbs, VP of Product Strategy. We discussed our 2017 Cybersecurity Recap & 2018 Predictions Report, and tried to focus on the prediction part of things since we are at the start of the new year. After a quick look over the shoul...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan & Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In the business of selling security solutions, not too long ago the phrase “defense in depth” dominated the messages. It was meant to evoke an image of defending each layer of the IT infrastructure with uniquely suited solutions. Now everyone recognizes that the notions about perimeter defenses are flawed. Real security is built in to everything, not wrapped around it. However, there are many corn...

STEALTHbits Technologies
STEALTHbits Technologies
YouTube Video
  • In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan & Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • This time of year is typically a time of giving, and I am here to give the gift of report security!  StealthAUDIT v8.1 has new data to discover, and new report management to keep that data secure. Version 8.1 of StealthAUDIT now equips users with Role Based Access (RBA) to control who has access to reports from the Web Console.  This is a great way to isolate reports to only the users who should b...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Data security is more important than ever.  Some of your most important information resides within databases, so devising a sound database security and auditing strategy is a must. CSO published an article earlier this year listing the top 16 security breaches of the century based on how much risk or damage the breach caused. Out of these 16 attacks, databases were at the heart of at least 4, incl...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • How much personal data are your employees able to access? What you don’t know will surprise you…and could possibly hurt you. Imagine you’ve been with a company for 10, 20, even 30 years. How many roles have you had? How many applications have you worked with over that period? If you’re like many individuals, you will likely have switched jobs at least 2 or more times. Here’s the (fictitious) story...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Awareness is the first and most essential ingredient in any successful risk mitigation strategy.  StealthAUDIT v8.1 has been enhanced to extend your awareness into high risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target Wea...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan and Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Acces...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan & Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • So far in this series, we’ve learned how attackers can target weak domain passwords in Active Directory.  To complete the story, we need to look beyond domain accounts and understand the ways to attack local accounts on Windows servers and desktops.  For this post, we will focus on the most important local account: Administrator.  The Administrator account is built into every Windows operating sys...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • As we begin to wrap up 2017 and reflect back on the year, we looked at what the industry has accomplished and in some cases where we have fallen short. In the early part of this year many industry thought leaders were stating that 2017 would again be the year of ransomware. They were all very correct in their statements, but this year has shown us much more, it has shown us the increasing need for...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our last post, we learned about password spraying and how effective this can be to compromise AD accounts with weak and commonly used passwords.  Now let’s take a look at how an attacker could take this approach and put it into practice to compromise your domain.  For that, we are going to use BloodHound, a very useful open-source application for penetration testing AD security and planning att...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our tenth edition of the Insider Threat Podcast, we were joined by NetApp Senior Technical Marketing Engineer, Justin Parisi. Justin is making the rounds ahead of the NetApp ONTAP version 9.3 release this week. Of course, we wanted to get the conversation focused on insider threats and other security topics. We managed to do just that. It seems ONTAP has a few good security related tricks up it...

STEALTHbits Technologies
STEALTHbits Technologies
YouTube Video
  • In our tenth edition of the Insider Threat Podcast, we were joined by NetApp Senior Technical Marketing Engineer, Justin Parisi. Justin is making the rounds ahead of the NetApp ONTAP version 9.3 release this week. Of course, we wanted to get the conversation focused on insider threats and other security topics. We managed to do just that.

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • So far in this series we’ve looked at how plain text passwords can be exposed within Active Directory, which represents a major vulnerability for most AD environments.  However, even if you have proper controls to prevent plain text passwords in your network, attackers can still get them pretty efficiently.  How do they do this?  They guess.  And you’d be surprised how well guessing works at crack...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • If you haven’t heard, October was National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team observed the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The fifth week them...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • A lot of attention gets paid to preventing pass-the-hash and pass-the-ticket attacks, but imagine what an attacker could do with the actual passwords of privileged user accounts rather than just the hashes. Pass-the-hash gives attackers access to what can be performed from a command line, but plain text passwords give an attacker unlimited access to an account.  This may include access to web appl...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • What is ITAR? The International Traffic in Arms Regulations (ITAR) is a United States regulatory compliance standard that restricts and controls the export of defense and military related technologies to safeguard U.S. national security. The U.S. Government requires all manufacturers, exporters, and brokers of defense articles, defense services or related technical data to be ITAR compliant. For a...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • On October 24, 2017, STEALTHbits was alerted to a ransomware campaign spreading across Eastern Europe and Russia. There are reports that the infection is leveraging the EternalBlue, the exploit generally believed to be developed by the U.S. National Security Agency (NSA), however there is no evidence to support those claims. Bad Rabbit does however appear to be related to the Nyetya ransomware var...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

By signing up, you agree to the Terms of Service and Privacy Policy.

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in

By signing up, you agree to the Terms of Service and Privacy Policy.