It’s that time of the year again! As we roll into 2020 we’re
proud to present our 4th edition of “STEALTHbits’ Experts
We asked eight of our top industry voices here at STEALTHbits their thoughts on what’s to come in the world of cybersecurity in the next 365 days! Read on and come back at the start of 2021 to see how we did.
Ransomware Will Continue To Wreak Havoc Using the Same Old Tricks
Ransomware attacks will continue to impact organizations causing s…
Online businesses are rapidly overtaking the revenue of brick-and-mortar businesses in today’s internet age. The changes brought forth by internet-driven communication are driving businesses to become data-driven organizations. Organizations that master how to collect and manipulate data to their advantage will triumph over their competitors. The sheer volume of data being collected by businesses today goes beyond what traditional relational databases can handle, giving rise to a series…
In my role as a Technical Product Manager, I often find
myself prepping demos, setting up test environments, and helping customers test
and administrate their Active Directory environments with PowerShell.
PowerShell, being the most efficient and ubiquitous method of management at
scale in the Windows Server world, is my goto tool anytime I need to work with
The vast majority of my Active Directory scripting these
days is targeted at test, demo, and QA environments that f…
Phishing scams are a very common technique used by identity
thieves to trick you into giving them your sensitive personal or financial
information. Thieves will often impersonate actual companies like credit card
companies, banks or online resources such as PayPal or Dropbox. It is a
challenge to recognize what is real and what isn’t but there are a few things
you can do to make yourself/your organization less susceptible to this type of
Before we discuss a no…
In my last blog post, we took a look at the Vulnerability Assessment within the Advanced Data Security (ADS) offering for Azure SQL. In my final blog post of the series, we will take a deep dive into the Advanced Threat Protection features.
VIEW PART 1 HERE
VIEW PART 2 HERE
Advanced Threat Protection for Azure SQL Databases provides administrators with immediate visibility into potential threats such as suspicious database activities, potential vulnerabilities, SQL injection attacks…
The last post, we started discussing the importance of protecting Active Directory and your unstructured data. Today, we’ll continue our discussion with the next three data security best practices to ensure the security of your data.
Data Security Best Practice #2: Monitor Activity
Monitoring activity is an essential capability, but be
careful not to bite off more than you can chew. The best way to make effective
use of your monitoring efforts is to focus on specific scenarios…
Data security is a major issue for any company that has valuable information to protect. Breaches of that data can cost an organization dearly in the form of business disruption, loss of revenue, fines, lawsuits, and perhaps worst of all, the loss of trust between the organization and its customers and partners. But the challenge of securing all that data is daunting. It’s easy to lose sight of the fact that some small changes can have a major impact. Just as a journey of a thousand miles sta…
In my last blog post, we took a look at the Data Discovery & Classification features within the Advanced Data Security (ADS) offering for Azure SQL. In this blog post, we will take a deep dive into the Vulnerability assessment.
The SQL Vulnerability assessment provides administrators with a streamlined approach to identify and even remediate potential security misconfigurations or vulnerabilities within their Azure SQL databases. The Vulnerability Assessment is a scanning service that…
In this post, I will be looking at a new
exploit that leverages a weakness in Microsoft
Windows Text Services Framework to launch a child process that allows for
the escalation of privileges. I will give a brief overview of what the Text
Services Framework service does, what the exploit is, and how it could be used.
Then, I will go into more detail about how to run the exploit and different
methods that can be used for detection and mitigation of the exploit.
What is the Text S…
What’s The Problem?
Today, with the Internet, social media, personal computers, online banking and everything else that exists, end-users need to create and maintain a large number of usernames and passwords for all of the accounts they have. This begins to create a problem. The many accounts we need to remember leads us to want to share passwords between different platforms, potentially including our work accounts. This is just one of the few contributors to the many password problems tha…