Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE


And other things that keep you up at night

Blog >Security

Browsed By
Category: Security

A Guide to California Consumer Privacy Act (CCPA) Compliance in 2020

| Dan Piazza | | Leave a Comment
The California Consumer Privacy Act was signed into law in 2018 and went into effect on January 1st, 2020. With the EU’s GDPR paving the way, CCPA has a significant impact on how enterprises manage security and compliance for user data, as well as how data breaches are handled.  Simply put, the CCPA gives residents of the state of California greater control over their personal data, requiring companies to be more transparent&…

The Importance of Updating Your Breach Password Dictionary

| Damon Tepe | | Leave a Comment
With breaches and cyber-attacks continually increasing every year, a constant stream of compromised passwords finds their way to the dark web for purchase and use. This should NOT be a surprise. 80% of breaches involved stolen or misused credentials1. And this makes sense … why use advanced attack techniques when stealing credentials and assuming user identities is easier, less detectable, and still works? Stealthbits leverages the “Have I Been Pwned” breach password dictionary within Stea…

Windows Remote WMI Security Primer for the Faint-Hearted

StealthAUDIT, a best in its class Data Access Governance (DAG) tool utilizes Windows Management Instrumentation (WMI) extensively to gather various pieces of information from the targeted Windows servers.  While local WMI querying is straightforward to implement and troubleshoot, remote WMI querying is another story.  Setting up remote WMI query security is a pretty daunting task if you are not willing to use an account that is either part of the Domain Administrators group or Local Administr…

What is Sensitive Data?

Sensitive data is a term that we hear quite often these days, especially as it relates to the plethora of data privacy laws that have been introduced over the past several years. Seemingly, the sensitive data definition is simple: sensitive data is any information that needs to be protected. What that really means though is often dependent on the nature of the business conducted by an organization and even more so, the responsible governing body. What is Considered Sensitive Data? T…

Auditing Administrator Access Rights

| Adam Laub | | Leave a Comment
Identifying Administrative Privileges Across IT Resources Accounts with administrative and elevated privileges are necessary for both business and IT functions, but also represent a significant risk to your organization. Privileged credentials in the hands of the wrong user or an attacker can lead to a variety of undesirable outcomes, including data breaches, infrastructure outages, and compliance failures. Although Privileged Access Management (PAM) is recognized by CISOs and security pro…
What is a Data Breach And How to Prevent One

What is a Data Breach and How to Prevent One

Data breach. There are fewer times that two simple words invoke so many fearful thoughts in the mind of a C-level executive. How did it happen? What was taken? What are we going to do? Who was responsible? There are many routes an organization may explore in terms of breach mitigation, but let us start at the beginning. This blog will cover some of the simple basics of a data breach – what it is, ways they are caused, etc. –  and some simple steps that an organization can …
What is the Principle of Least Privilege (POLP) - Definition and Best Practices

What is the Principle of Least Privilege (POLP)? – Definition and Best Practices

As part of a sound security structure, one of the most basic things a company can do is implement a principle of least privilege model within their organization. This blog will explain what this means and how this security model can up your security stature. Principle of Least Privilege Definition (POLP) The principle of least privilege stems from the idea that users should only have access to the resources that they need so they can adequately perform the duties that they are requi…
What Are Browser Cookies And How Do They Work?

What are Browser Cookies and How do They Work?

If you have ever surfed the web, you have almost certainly encountered browser cookies among your digital travels. Although for some they may be a nuisance, for the majority browser cookies are an essential part of the internet experience, often interacting with you without your knowledge. In this blog, I will take you through a 101 primer on browser cookies. For a more in-depth look at how they may affect the security of your IT environment, I invite you to read Jeff Warren’s blog on that…
SMBv3 Vulnerability Explained

SMBv3 Vulnerability Explained

| Kevin Joyce | | Leave a Comment
SMBGhost What Happened? This week, Microsoft accidentally published information around a newly identified vulnerability in SMBv3, which is being dubbed SMBGhost. This vulnerability can lead to remote code execution on the server, which is always a major concern as far as the severity of vulnerabilities go. The version affected specifically is 3.1.1, which is a more recent version. They mention that this can be exploited from an unauthenticated attacker who sends a specially crafted pack…
What is a Data Breach And How to Prevent One

What is a Ransomware Attack?

| Todd Kovalsky | | Leave a Comment
Million-dollar ransomware payouts, government protection, and ease of access will continue to fuel the growth of cybercrime. Imagine coming to work and turning on the computer only to see a message that says “repairing file system on C:” or “oops, your important files are encrypted” demanding a payment in bitcoin to decrypt them. A typical message displayed during a Ransomware attack When you read the headlines of six-figure ransomware payouts, you might begin to wonder how hacker g…




© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.