Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Uncategorized

Browsed By
Category: Uncategorized

5 Critical Events to Audit with Microsoft SQL Server

Data security is more important than ever.  Some of your most important information resides within databases, so devising a sound database security and auditing strategy is a must. CSO published an article earlier this year listing the top 16 security breaches of the century based on how much risk or damage the breach caused. Out of these 16 attacks, databases were at the heart of at least 4, including the Heartland Payment Systems breach in March of 2008, the result of a SQL injection attack…

The Danger of Access Risks with GDPR: The story of Artie Fact

How much personal data are your employees able to access? What you don’t know will surprise you…and could possibly hurt you. Imagine you’ve been with a company for 10, 20, even 30 years. How many roles have you had? How many applications have you worked with over that period? If you’re like many individuals, you will likely have switched jobs at least 2 or more times. Here’s the (fictitious) story of Artie.  Artie Fact has been with HappyGoLucky (HGL) Global for 5 years. He loves the op…

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

| Adam Laub | | Leave a Comment
Awareness is the first and most essential ingredient in any successful risk mitigation strategy.  StealthAUDIT v8.1 has been enhanced to extend your awareness into high risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target Weak Password Identification – Identify Active Directory user accounts leveraging passwords con…
Attacking Weak Passwords in Active Directory

Attacking Weak Passwords in Active Directory

| Jeff Warren | | Leave a Comment
In our last post, we learned about password spraying and how effective this can be to compromise AD accounts with weak and commonly used passwords.  Now let’s take a look at how an attacker could take this approach and put it into practice to compromise your domain.  For that, we are going to use BloodHound, a very useful open-source application for penetration testing AD security and planning attack paths to compromise high value accounts.  We’ve covered BloodHound in our perm…
Happy NCSAM

National Cyber Security Awareness Month (NCSAM) – Week 5 – Protecting Critical Infrastructure From Cyber Threats

If you haven’t heard, October was National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team observed the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The fifth week theme for National Cyber Security Awareness Month (NCSAM) is “Protecting Critical Infrastructure F…

Down the Bad Rabbit Hole

Update 2017-10-27 1:30pm EDT: Multiple researchers are reporting an exploit in the BadRabbit sample that is largely based on the EternalRomance exploit published in the ShadowBrokers leak. On October 24, 2017, STEALTHbits was alerted to a ransomware campaign spreading across Eastern Europe and Russia. There are reports that the infection is leveraging the EternalBlue, the exploit generally believed to be developed by the U.S. National Security Agency (NSA), however there is no evidence to su…

National Cyber Security Awareness Month (NCSAM) – Week 3 – Today’s Predictions for Tomorrows Internet

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The third week theme for National Cyber Security Awareness Month (NCSAM) is “Today’s Predictions for Tomorr…
Insider Threat Podcast

File System Attacks – Insider Threat Podcast #9

In the ninth edition of the Insider Threat Podcast, Jonathan Sander and I did a little role reversal. I played Zorak to Jonathan’s Space Ghost and was asking the questions – the topic this week is File System attacks. A topic that we have noticed not many struggles with, but one that we increasingly see as an attack vector. Jonathan has been researching these attacks recently and has been blogging about them in length. So we sat down to talk about the ways File Systems can be attacked, data e…
Cybersecurity in the Workplace Is Everyone’s Business

National Cyber Security Awareness Month (NCSAM) – Week 2 – Cybersecurity in the Workplace Is Everyone’s Business

If you haven’t heard, October is National Cyber Security Awareness Month (NCSAM). NCSAM is sponsored by U.S. Department of Homeland Security and the National Cyber Security Alliance, and each week of the month has a different theme. The STEALTHbits team will be observing the month with a new blog post on the theme each week. So stay tuned in to catch all the NCSAM info coming your way. The second week theme for National Cyber Security Awareness Month (NCSAM) is “Cybersecurity in the Workpl…
Figure 1 Searching the whole C: drive for NTFS Extended Attributes

Attack Step 3: Persistence with NTFS Extended Attributes – File System Attacks

What Does Persistence Mean on a File System? In our first file system attack, we found places where we’re likely to get good data with the credentials we’ve been able to steal. Our second attack let us focus in on only the data that is worth the time to steal so we can lessen the chances of getting caught – or at least get the best stuff before we do. The final stage in these attacks is typically persistence. Finding a way to stay in the systems even after we get caught and tossed out the fi…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL