In our seventh edition of the Insider Threat Podcast, once again we spoke with our resident white hat hacker, Jeff Warren. We’ve just partnered with Randy Franklin Smith at Ultimate Windows Security to deliver some of Randy’s “real training for free” on detecting and mitigating Active Directory (AD) attacks from our ongoing blog series. I’ve […]
Preventing Data Theft with File Activity Monitoring If you ask most folks who pay attention to cybersecurity what the recent big-name breaches and headline-grabbing malware have in common, you would get many answers. Some would say they were next-generation ransomware like NotPetya or WannaCry. Others would say that the HBO and Sony breaches started with […]
In our sixth edition of the Insider Threat Podcast, once again we spoke with our resident white hat hacker, Jeff Warren. Jeff has just finished another in our ongoing blog series about insider attacks on Active Directory (AD). This time, the focus was the Mimikatz toolkit and all the ways it’s being used to exploit […]
In our fifth edition of the Insider Threat Podcast, we caught up with Gabriel Gumbs who has just spent the week at Black Hat 2017. Gabriel is the STEALTHbits VP of Product Strategy and his mission was to meet with some of our customers and partners at the show as well as bring back any […]
In our fourth edition of the Insider Threat podcast, we have our favorite guest Jeff Warren on to discuss the latest in the AD attack series of blog posts. These attacks are always fascinating, but this one must be the most interesting yet. These attack vectors are simultaneously obscure and powerful. Most attackers aren’t sophisticated […]
Active Directory Attack Blog Series Spending time with customers in Texas last week left me speechless – literally. One customer asked me a question for which I was not prepared. They have been following our Active Directory attack blog series. They found it very interesting, but they had one major question. Why should they spend […]
In our third edition of the Insider Threat podcast, we turn from the bad guys attacking you to auditors attacking you. That’s a joke, but I know it does reflect the way it can feel sometimes. Many folks will ignore NYCRR 500 because they see “NYC” and think that means it isn’t about them, or […]
Cybersecurity thought leader, privacy advocate and public speaker, Gabriel Gumbs talks with host Jonathan Sander about NYCRR 500, the new cybersecurity regulation by the New York State Department of Financial Services (DFS). For more information on NYCRR 500 and how your financial services entity is likely impacted, visit: https://www.stealthbits.com/nycrr-500
During the Cloud Identity Summit 2017 keynote, there was a predictable discussion about the state of our deteriorating security perimeter. Given this is the year’s premiere identity event—and that the speaker was Ping Identity’s CEO—you may expect to hear the now ubiquitous meme: “Identity is the new perimeter.” That is not what we heard, though. […]
Service accounts are under managed and overprivileged. Being pushed along by application groups annoyed that they need to deal with any process at all, security or helpdesk folks simply make an account, give it rights, and get it in the hands of the application folks. The application team thinks the account is controlled like any […]
Start a Free Stealthbits Trial!
No risk. No obligation.