Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE


And other things that keep you up at night

Blog >Uncategorized

Browsed By
Category: Uncategorized

patch management process to stop ransomware

Malware: ILOVEYOU Melissa & still you make me WannaCry

Protect Your Unpatched Systems Against Malware What do the Melissa virus, ILOVEYOU worm and the WannaCry ransomware have in common? After patches were made available, they were still successfully spreading. Secondary storage also played a role in these infections. As malware evolved from nuisance to profit-driven, secondary storage became less of an infection vector and more of an opportunity to ransom data. I choose to highlight Melissa somewhat randomly, but mostly because it was 18 years …

5 Essential Steps to EU GDPR – Part 5: GDPR The Ticking Time Bomb

At the time of writing this blog, there are 378 days, 8 hours until the GDPR comes into force. That’s 54 weeks or approximately 270 weekdays, not considering public holidays. Surely plenty of time to get everything in place and ensure your business is compliant. Right? Wrong! Let me back this up by putting some context around the various elements discussed in the previous blogs in this series. The GDPR Project Obviously, no two organisations are identical so for the sake of illustrati…
WannaCry Ransomware and EU Data Protection Regulation

Lucky 13: WannaCry Ransomware and EU GDPR

WannaCry Ransomware and GDPR 13 Months. That is the number of months (from the time of this writing) separating the #WannaCry attack from being not just a massive information security “incident” but the single largest test of the EU General Data Protection Regulation (GDPR). We are not going to focus on the WannaCry ransomware in this post though. If you’re interested in my technical breakdown, you can read my previous post. Today, I want to double-click past the malware and look at what t…
WannaCry Ransomware outbreak what you need to know

What you need to know about the WannaCry Ransomware

WannaCry / Wcry / WannaCrypt Ransomware A large-scale cyber attack (WannaCry ransomware) that began on May 13th has already infected over 230,000 computers in 150 countries, demanding ransom payments in 28 languages – these numbers continue to grow and given the patch for the vulnerability being exploited is only two months old, we are likely to see these numbers increase. The perpetrators of the attack are not yet known, however, the origins are. The infection vector was made “wormable…
Internet of Things

Amazon Echoes, Fitbits, and Fuzzy Handcuffs – Another Reflection on the Internet of Things

I’m Going to Start This Blog out With a Story The other weekend my roommate and I had some company over to our apartment. It was like any other Friday night – friends chatting, music playing, and a few adult beverages being passed around. However, as we were leaving to go out to the bars, one of our guests decided it would be hilariously funny to play a little prank. Unbeknownst to me, he used the voice ordering feature on my Amazon Echo (something that I had never turned on, utilized, or co…
active directory auditing and reporting on effective permissions

StealthAUDIT 8.0: Active Directory Permissions Analyzer

Active Directory Permissions The release of StealthAUDIT 8.0 delivers enhanced Active Directory (AD) Permissions analysis capabilities. This is welcome news to the over 90% of organizations that use Active Directory to control who can access their network and resources. I say welcome because there are so many different ways to grant privileged access to AD and no easy way to see all these permissions in one place with native tools. Permissions Analyzer That’s where comes StealthAUDIT for Acti…

Automate Least Privilege Access with Resource-Based Groups

The success of any Data Access Governance program starts with implementing a resource-based groups provisioning workflow by automating the least privilege access model. StealthAUDIT 8.0 automates the application of least privilege access control across file systems in bulk and at scale. By converting existing access control lists to a resource-based group security model and revoking excessive privileges, StealthAUDIT programmatically protects data from exfiltration and ransomware.   …
Identify Absolutely Every Privileged Active Directory User and Detect New Ones

Top 10 Ways to Identify and Detect Privileged Users by Randy Franklin Smith

Privileged users are the penultimate goal of cyberattacks. Once attackers have privileged access, it’s only a small step to the information they want to steal. Cybercriminals leverage tools such as malware and phishing scams to gain a foothold within your organization, looking for ways to access and utilize credentials. In “wash, rinse, repeat” fashion, attackers patiently claw and scrape their way from first gaining access to a low-level local account all the way up to getting the highest pr…
4 Steps to Ensure NYCRR 500 Compliance

4 Steps to Ensure NYCRR 500 Compliance

What is NYCRR 500? On March 1st, 2017, the New York State Department of Financial Services put into effect new cybersecurity requirements of its ‘covered entities’. Those entities include banks, trusts, budget planners, check cashers, credit unions, money transmitters, licensed lenders, mortgage brokers or bankers, and insurance companies that do business in New York. Within the next 180 days (starting from March 1st 2017), organizations must ensure they have a comprehensive Cybersecurity Pr…

5 Essential Steps to EU GDPR – Part 4: Stealthbits Technologies, a logical fit for EU GDPR

In part three we discussed how no one person, organization or vendor has ‘the’ silver bullet to GDPR compliance.  What you need is an array of tools and people to address the many challenges ahead. Saying that not all technical solutions are equal in their value to a GDPR project. Given GDPR is a Data Governance project (as discussed in part two), it makes sense to leverage both technology and people with Data Governance running through their veins Stealthbits is that. Stealthbits has focu…




© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.