INSIDER THREAT SECURITY BLOG

Do you have sensitive data in your Exchange mailbox? What would happen if your mailbox was accessed with malicious intent? The first step to mitigating your risk is to know if an unauthorized person has accessed your mailbox. You don’t need to know what the burglar is trying to steal to know they’re in your house. The next question, however, is not who, but what. In my previous blog post about monitoring non-owner mailbox access in Microsoft Exchange (Microsoft Exchange, Non-Owner…

It’s your worst fears come true. You try to log onto your LinkedIn account. Maybe it’s Tumblr or even your Dropbox profile. Perhaps you’ve been thawed out after being cryogenically frozen for the last 10 years and attempt to access a new, Tom-less Myspace. But all of them return an error. Your password has been changed. Spam messages start flowing from your hijacked account, flooding your news feed with offers for certain ‘enhancement’ pills. What other information did you have on there? How…

In listening to Adam Rosen’s recent webinar, I learned that nearly 60 percent of security breaches involve the theft of unstructured data.[i] And, only 12 percent of organizations are confident they can detect a breach involving unstructured data.[ii] Given that 80% of an organization’s data is unstructured,[iii] is it any wonder a hacker was able to steal login credentials and personal information from Sony, including Sylvester Stallone’s social security number? Going Rambo won’t protect yo…

In politics, information is power. Just one small comment or suggestion from a candidate or figure held in high esteem can potentially sway entire elections. Politicians also hold access to a treasure trove of sensitive information, not intended for the masses. That’s why Hillary Clinton’s private server fiasco is such a big deal in the eyes of many. But with the leaks of the Democratic National Committee (DNC) emails, and more recently, the hack of Colin Powell’s account, can we really…

Over the years, I’ve had the privilege of attending many trade shows and conventions; some better than others. However, one thing remains the same – meeting interesting people. As a vendor, you attend expecting to be the one showing people how things are done. More often than not, though, this becomes a two-way conversation and I go home with plenty of new and exciting ideas to be thinking about. This year’s Black Hat USA in Las Vegas was no exception. Logs, logs files everywhere and not an…

We live in a very connected world, and it’s only becoming more connected. Every day I see more and more commercials etching us further toward the “home of the future.” Not long ago would it have been unthinkable to see commercials for a Wi-fi enabled refrigerator complete with a massive touch screen (presented by America’s favorite celebrity couple) or a thermostat controlled by your phone. Now, not a day goes by that I don’t see Alec Baldwin pitching an Amazon Echo. The “internet of things…

A “dot” release has never packed a bigger punch! The latest release of StealthAUDIT is all about what it should be; controlling and securing credentials and data. Attackers – whether internal or external – are after at least one of these two things, but usually both.  They continue to slip past the perimeter with relative ease, and once they do, operate undetected and largely unencumbered while they map out the environment and infect system after system like a digital cowbird. These at…

Who’s talking to my Active Directory? What is LDAP? Active Directory, ADAM and AD-LDS.  Microsoft’s implementation of directories that follow the X.500 standard.  Referred to as Lightweight Directory Access Protocol, or LDAP to the layman: A directory tree Domain Hierarchy Objects consisting of various attributes Users, Groups, Computers Attributes have a type, a name and a value(s) Name, sAmaccountName, Description, SIDHistory Sets of attributes make up the schema …

All it took was one recycled password. If you haven’t heard the news yet, former executive for the St. Louis Cardinals baseball team Christopher Correa has officially been sentenced to 46 months in prison for hacking. This victim in this case? (Former) Rival team the Houston Astros and their internal database/communications hub aptly named “Ground Control.” So how does something like this happen? Baseball is supposed to be a game of integrity and sportsmanship! Well, it’s important to r…

Group Policy is a native Microsoft technology. It allows organizations running Active Directory to centrally control and configure both user and computer settings to domain-joined machines. Group Policy allows administrators to make sweeping changes to all aspects of connected operating systems, including the Registry, for example. When implemented properly, this technology simplifies overall operating system configuration, patching, software deployment, and security. When implemented imprope…