Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night


Browsed By
Category: Security

Detecting Advanced Process Tampering Tactics with Microsoft’s Sysmon 13

Dan Piazza
Sysmon is an important tool within Microsoft’s Sysinternals Suite, a comprehensive set of utilities and tools used to monitor, manage, and troubleshoot the Windows operating system. Per Microsoft’s own definition, Sysmon “provides detailed information about process creations, network connections, and changes to file creation time. By collecting the events it generates using Windows Event Collection or SIEM agents and subsequently analyzing them, you can identify malicious or anomalous acti…
Leveraging OpenSSH to Move Files in Windows Server 2019

Sujith Kumar
Having worked with Unix and Linux servers for a long time, one feature that I came to appreciate is the Secure Shell (SSH) daemon. The SSH server daemon allows users to securely connect to Linux and Unix servers using an SSH client. Those of you who work with Linux and Unix servers are quite familiar with open-source SSH tools such as PuTTY and WinSCP. Personally, I find WinSCP quite helpful as it allows me to transfer files back and forth from my Windows desktop machine to …
What Comes After the FireEye Attack

By now it’s common knowledge that FireEye has disclosed they were the victims of an attack by a nation-state seeking government information. If you aren’t aware of the particulars of this attack, I strongly encourage you to take a few minutes and read the blog posted by the FireEye team. It includes details about the attack and what was compromised, as well as how the company plans to address the situation. In the next few days, we will face a barrage of messages from vendors seeking to re…
Giving Back while Safeguarding Schools in the Age of COVID-19

Going remote is the new reality as we continue to grapple with a devastating global pandemic. The transition to remote learning in our nation’s schools, in particular, has created a new level of upheaval and burden that’s impacted most every home and community. Luckily, most of Stealthbits’ existing corporate customers switched to digital work rather seamlessly after testing and reinforcing the security of their networks and IT infrastructure. Educational institutions, on the other hand, were…
Malware’s Growth During the COVID-19 Pandemic

Dan Piazza
If recent years have taught us anything about the intent of threat actors, it’s that no victim or circumstance is off limits when there’s a profit to be made. Throughout the year, attackers have used COVID-19 to take advantage of victims’ fears of the virus, exploited new attack surfaces resulting from the increase in remote work, and even attempted to steal vaccine research. Earlier this year, it was reported that the FBI’s Internet Crime Complaint Center (IC3) has seen reports in cybercrim…
PostgreSQL Server Security Primer

Sujith Kumar
PostgreSQL, often referred to simply as Postgres, has had a very colorful history. It began in 1986 as the POSTGRES project led by Professor Michael Stonebraker, which was sponsored by the Defense Advanced Research Projects Agency (DARPA), the Army Research Office (ARO), the National Science Foundation (NSF), and ESL, Inc. Postgres95 was released in 1994 for general use on the web, which included support for SQL language interpretation. In 1996, Postgres95 was officially renamed t…
What is an Insider Threat?

Farrah Gamboa
September has been declared National Insider Threat Awareness Month (NITAM) through a joint venture between the National Counterintelligence and Security Center (NSC) and the National Insider Threat Task Force (NITTF).  The goal of this effort is to educate organizations and their employees on the threat, helping them understand how it can occur through both intentional and unintentional means, and to help employees recognize and report unusual behavior. This is amidst a particularly …
Top Data Breaches of 2020

Farrah Gamboa
This year has been a year like no other, with what seems to be a never-ending and always evolving set of headlines. At a glance, we’ve seen the evolution of the Coronavirus pandemic, the ongoing wildfires across not only the country but the world, the death of a basketball legend, Brexit finally coming to fruition, a civil rights uprising, and so much more. The state of cybersecurity this year has had just as many ups and downs. While research done by the …
Protecting User Credentials - Individual & Software Best Practices

Dan Piazza
With the growth of personal data privacy regulations like GDPR and CCPA, it’s clear the tech world is moving towards a Privacy by Design approach when it comes to how organizations store data and design software. While securing sensitive data is a critical concern, it’s also essential that individuals and developers continue to secure the credentials used to access that sensitive data. This may seem obvious, however, a recent KPMG advisory shows that while 75% of Americans consider it risk…
Using & Securing Remote Desktop Protocol (RDP)

Dan Piazza
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, allowing users to remotely connect to Windows workstations and servers. RDP is included in most versions of Windows, going as far back as Windows NT 4.0, and doesn’t come with additional costs or licensing requirements. In Windows networks, this means organizations don’t need to pay for third-party software like TeamViewer, LogMeIn, or AnyDesk in order to enable their users with remote access capabilities. As a…


© 2021 Stealthbits Technologies, Inc.
