Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE

Stealthbits

Posts by Gabriel Gumbs

Home >Gabriel Gumbs
Gabriel Gumbs is the VP of Product Strategy at STEALTHbits Technologies responsible for end-to-end product vision and innovation. With a 16 year tenure in CyberSecurity, he has spent most of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.

Down the Bad Rabbit Hole

Update 2017-10-27 1:30pm EDT: Multiple researchers are reporting an exploit in the BadRabbit sample that is largely based on the EternalRomance exploit published in the ShadowBrokers leak. On October 24, 2017, STEALTHbits was alerted to a ransomware campaign spreading across Eastern Europe and Russia. There are reports that the infection is leveraging the EternalBlue, the […]

File System Attacks – Insider Threat Podcast #9

In the ninth edition of the Insider Threat Podcast, Jonathan Sander and I did a little role reversal. I played Zorak to Jonathan’s Space Ghost and was asking the questions – the topic this week is File System attacks. A topic that we have noticed not many struggles with, but one that we increasingly see […]

The 180 Days Are Over: NYS DFS Cybersecurity Regulation – 23 NYCRR 500

The New York State Department of Financial Services (NYS DFS), announced 23 New York Code Rules and Regulations 500 (23 NYCRR 500), a cybersecurity regulation for all financial institutions doing business in New York. Today marks the end of the first major deadline for this regulation, 180 days after going into effect on March 1, […]

From Botnets to DACL Backdoors: A Journey through Modern Active Directory Attacks – Part I

Active Directory DACL Backdoors In my last blog post, we examined Active Directory (AD) backdoors and how to defend against them. The botnets’ primary communication mechanism relied on abusing AD attributes. Once established, these botnets allow attackers to communicate across internal security controls, exfiltrate data—and most importantly—gain a foothold that is very difficult to detect […]

Defending Against Active Directory Botnets

Active Directory Enterprise Attack Vectors Active Directory (AD) enterprise attack vectors continue to get a lot of attention from security researchers. If history is our guide, it is only a matter of time before we see more active exploits in the wild. I sat in on Ty Miller and Paul Kalinin’s Black Hat presentation, “The […]

Malware: ILOVEYOU Melissa & still you make me WannaCry

Protect Your Unpatched Systems Against Malware What do the Melissa virus, ILOVEYOU worm and the WannaCry ransomware have in common? After patches were made available, they were still successfully spreading. Secondary storage also played a role in these infections. As malware evolved from nuisance to profit-driven, secondary storage became less of an infection vector and […]

Lucky 13: WannaCry Ransomware and EU GDPR

WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in […]

What you need to know about the WannaCry Ransomware

WannaCry / Wcry / WannaCrypt Ransomware A large-scale cyber attack (WannaCry ransomware) that began on May 13th has already infected over 230,000 computers in 150 countries, demanding ransom payments in 28 languages – these numbers continue to grow and given the patch for the vulnerability being exploited is only two months old, we are likely […]

4 Steps to Ensure NYCRR 500 Compliance

What is NYCRR 500? On March 1st, 2017, the New York State Department of Financial Services put into effect new cybersecurity requirements of its ‘covered entities’. Those entities include banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. Within […]

LDAP Monitoring for Security

LDAP Monitoring LDAP (Lightweight Directory Access Protocol) is an application protocol for querying and modifying items in directory service providers like Active Directory (AD). AD, by contrast, is a directory services database, and LDAP is one of the protocols you can use to talk to it. Because Microsoft provides no easy way to monitor LDAP […]

Subscribe

DON'T MISS A POST. SUBSCRIBE TO THE BLOG!

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL