Going remote is the new reality as we continue to grapple with a devastating global pandemic. The transition to remote learning in our nation’s schools, in particular, has created a new level of upheaval and burden that’s impacted most every home and community. Luckily, most of Stealthbits’ existing corporate customers switched to digital work rather seamlessly after testing and reinforcing the security of their networks and IT infrastructure. Educational institutions, on the other hand, were…
Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya”
Part 1 – Ransomware
The origins of modern ransomware trace back all the way to the AIDS trojan of 1989. Its use of simple symmetric cryptography and gentle extortion of $189 seems almost infantile compared to the techniques used and extortions of today. In the midst of a global pandemic, ransomware has been on the rise – economically motivated actors would never m…
The following blog post was created using an excerpt from the Stealthbits Technologies/emt Distribution presentation “Prioritizing Password Security with Troy Hunt: The Good, the Bad, and the Ineffective”. Please see here to view the complete presentation.
Let’s talk about passwords. In particular, let’s talk about where we’ve come from, where we are at the moment, and where things are going in the future.
The history lesson of passwords is enormously important because it help…
What is it?
SigRed, CVE-2020-1350, is a remote code execution vulnerability in the Microsoft Windows DNS server that was publicly disclosed on July 14, 2020, by Israeli cybersecurity firm Check Point.
When a DNS server receives a query for a domain it isn’t responsible (authoritative) for it asks a DNS server further up the hierarchy which DNS server is, and then queries that DNS server for the record. The vulnerability exists in how the Windows DNS server parses t…
With breaches and cyber-attacks continually increasing every year, a constant stream of compromised passwords finds their way to the dark web for purchase and use. This should NOT be a surprise. 80% of breaches involved stolen or misused credentials1. And this makes sense … why use advanced attack techniques when stealing credentials and assuming user identities is easier, less detectable, and still works?
Stealthbits leverages the “Have I Been Pwned” breach password dictionary within Stea…
ALERT: If you are NOT a StealthINTERCEPT Enterprise Password Enforcer or StealthAUDIT customer, view this blog for greater relevance and a more appropriate read.
With 34% of people saying they share passwords with coworkers1 and 62% reusing the same password for work and personal accounts2, the importance of checking passwords is paramount.
Last Friday (June 19, 2020) we saw our first update to the “Have I Been Pwned” (HIPD) database in almost 12 months. The dat…
In the File Systems Data Collector for StealthAUDIT, we collect various types of information about files and folders including permissions, file size, activity data, sensitive data, etc. One of the most important aspects of a file system resource (file, folder, or share) is “does that resource still exist”? While this might on the surface seem like one of the easiest things to collect, there was a range of mitigating factors that limited the accuracy in which we could report on this info…
The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the space with combined annual revenue of $2.2 billion, which is predicted to grow to $5.4 billion a year by 2025. This represents a compound annual growth rate (CAGR) of 20%.
The takeaway: More and more organizations are looking to invest in the next generation of PAM solutions, which offer advantages over more traditional and now…
Azure Information Protection (AIP) is Microsoft’s cloud-based solution for classifying and, optionally, protecting sensitive documents and emails in both cloud and on-prem environments. AIP is a powerful tool (that we’ve discussed before) that can automatically apply labels and encrypt files based on admin-defined rules, and even protect documents after they’ve left an organization’s network.
Changes to AIP Administration
AIP was released in 2016, however, the product received…
If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool Amazon built to help S3 users discover, classify, and protect the sensitive data they store in their S3 instances.
On a positive note, offering a tool like Macie is a good thing as Amazon S3 users have had their fair share of challenges keeping their buckets (and the data within them) out of harm’s way. The visibil…
Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures (TTPs) attackers can use to infiltrate networks, elude detection, compromise credentials, and escalate privileges on their way to compromising enterprise data. Correspondingly, there is an ever-increasing number of storage platforms and repositories available to house the data security professionals need to protect, both on-premises and…