Understanding Effective Access in SQL Server
Microsoft SQL Server is the third most popular Relational Database Management System (RDBMS) as of September 2020 according to DB-Engines ranking. It is also the most confusing RDBMS when it comes to database security compared to other popular RDBMS systems, such as Oracle, PostgreSQL, etc. Having worked with Oracle for a very long time, I found SQL Server security very confusing when I started working with it for the first time. Part of the complication stems from the fact …
What is an Insider Threat?
September has been declared National Insider Threat Awareness Month (NITAM) through a joint venture between the National Counterintelligence and Security Center (NSC) and the National Insider Threat Task Force (NITTF). The goal of this effort is to educate organizations and their employees on the threat, helping them understand how it can occur through both intentional and unintentional means, and to help employees recognize and report unusual behavior.
This is amidst a particularly …
Scanning for Sensitive Data in Snowflake with Stealthbits AnyData
Having multiple public/private clouds and data repositories has become ubiquitous in professional environments. For most, gone are the days of storing all data on local filers or even in a limited set of online repositories. The reality is that each organization’s sensitive data is being stored in many cloud databases, object storage repos, SMB implementations, version control, CRM software, and more.
These days the list seems to be never-ending – Azure Storage, GitHub, Snowflake, Salesfor…
Top Data Breaches of 2020
This year has been a year like no other, with what seems to be a never-ending and always evolving set of headlines. At a glance, we’ve seen the evolution of the Coronavirus pandemic, the ongoing wildfires across not only the country but the world, the death of a basketball legend, Brexit finally coming to fruition, a civil rights uprising, and so much more.
The state of cybersecurity this year has had just as many ups and downs. While research done by the&nb…
Protecting User Credentials – Individual & Software Best Practices
With the growth of personal data privacy regulations like GDPR and CCPA, it’s clear the tech world is moving towards a Privacy by Design approach when it comes to how organizations store data and design software. While securing sensitive data is a critical concern, it’s also essential that individuals and developers continue to secure the credentials used to access that sensitive data.
This may seem obvious, however, a recent KPMG advisory shows that while 75% of Americans consider it risk…
What is the California Privacy Rights Act?
Just days before the enforcement of the California Consumer Privacy Act (CCPA) began on July 1st, 2020, the California Privacy Rights Act (CPRA) received enough signatures to qualify to be on the November ballot. This ballot initiative, also referred to as Prop 24, was drafted by the non-profit organization Californians for Consumer Privacy, and looks to extend and clarify several of the provisions in existing California privacy law. If this measure is approved, it w…
Using & Securing Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, allowing users to remotely connect to Windows workstations and servers. RDP is included in most versions of Windows, going as far back as Windows NT 4.0, and doesn’t come with additional costs or licensing requirements.
In Windows networks, this means organizations don’t need to pay for third-party software like TeamViewer, LogMeIn, or AnyDesk in order to enable their users with remote access capabilities. As a…
How to Install TLS/SSL Certificates in NetApp Clustered Data ONTAP
HTTPS has definitively become the default and expected method for internet and web app communications that transmit sensitive data, taking the place of the insecure HTTP. TLS, the successor protocol to SSL, is the backbone to HTTPS and encrypts connections so transmitted sensitive information can’t be intercepted or modified.
Besides obvious application in internet communications, HTTPS should be used with local web applications that transmit data like credentials, activity events, sensiti…
Zerologon: From Zero to Hero – Part 3
Stealthbits’ Zerologon Detection and Mitigation Solution
In my two previous blogs, we’ve gone over the new patch and update plans from Microsoft (Part 1), as well as the attack itself (Part 2). Now let’s talk about how we at Stealthbits can help. We’re actively working in the lab and investigating ways we can audit, detect, and potentially mitigate the Zerologon vulnerability. Check out the updates for each of our products below and see how they can help or what we have in the works!
An…
Zerologon: From Zero to Hero – Part 2
How Does it Work?
In Part 1 of this blog series (What is Zerologon?), we discussed how Zerologon exploits a vulnerability in NetLogon that allows a malicious actor on your network to take over a Domain Controller (DC), and eventually your entire domain. Now let’s dive into the specifics of how Zerologon works.
Using Mimikatz to Execute the Zerologon Exploit
For starters, you can easily identify if a target domain controller is vulnerable to the Zerologon exploit with Mimikatz by runn…
