Netwrix Enterprise Auditor (formerly StealthAUDIT) 11.6 has been released LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Search

Featured Blog

Back to “The Basics” Blog Series

| Gerrit Lansing | | 1 Comment
Webinar Preview: Back to “The Basics” – Pragmatic advice from Gavin Ashton, author of “Maersk, me, & notPetya” Part 1 – Ransomware The origins of modern ransomware trace back all the way to the AIDS trojan of 1989. Its use of simple symmetric cryptography and gentle extortion of $189 seems almost infantile compared to the techniques used and extortions of today. In the midst of a global pandemic, ransomware has been on the rise – economically motivated actors would never m…

A History of Passwords

| Troy Hunt | | 1 Comment
The following blog post was created using an excerpt from the Stealthbits Technologies/emt Distribution presentation “Prioritizing Password Security with Troy Hunt: The Good, the Bad, and the Ineffective”. Please see here to view the complete presentation. Let’s talk about passwords. In particular, let’s talk about where we’ve come from, where we are at the moment, and where things are going in the future. The history lesson of passwords is enormously important because it help…

What is the SigRed vulnerability in Windows DNS Server?

| Joe Dibley | | 1 Comment
What is it? SigRed, CVE-2020-1350, is a remote code execution vulnerability in the Microsoft Windows DNS server that was publicly disclosed on July 14, 2020, by Israeli cybersecurity firm Check Point.   When a DNS server receives a query for a domain it isn’t responsible (authoritative) for it asks a DNS server further up the hierarchy which DNS server is, and then queries that DNS server for the record. The vulnerability exists in how the Windows DNS server parses t…

The Importance of Updating Your Breach Password Dictionary

| Damon Tepe | | 1 Comment
With breaches and cyber-attacks continually increasing every year, a constant stream of compromised passwords finds their way to the dark web for purchase and use. This should NOT be a surprise. 80% of breaches involved stolen or misused credentials1. And this makes sense … why use advanced attack techniques when stealing credentials and assuming user identities is easier, less detectable, and still works? Stealthbits leverages the “Have I Been Pwned” breach password dictionary within Stea…

PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT

ALERT: If you are NOT a StealthINTERCEPT Enterprise Password Enforcer or StealthAUDIT customer, view this blog for greater relevance and a more appropriate read. With 34% of people saying they share passwords with coworkers1 and 62% reusing the same password for work and personal accounts2, the importance of checking passwords is paramount. Last Friday (June 19, 2020) we saw our first update to the “Have I Been Pwned” (HIPD) database in almost 12 months.  The dat…

Improving the Accuracy of Detecting Deleted Resources

In the File Systems Data Collector for StealthAUDIT, we collect various types of information about files and folders including permissions, file size, activity data, sensitive data, etc. One of the most important aspects of a file system resource (file, folder, or share) is “does that resource still exist”? While this might on the surface seem like one of the easiest things to collect, there was a range of mitigating factors that limited the accuracy in which we could report on this info…

Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM

The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the space with combined annual revenue of $2.2 billion, which is predicted to grow to $5.4 billion a year by 2025. This represents a compound annual growth rate (CAGR) of 20%. The takeaway: More and more organizations are looking to invest in the next generation of PAM solutions, which offer advantages over more traditional and now…

Migrating Azure Information Protection (AIP) Classic Labels to Unified Labels

Azure Information Protection (AIP) is Microsoft’s cloud-based solution for classifying and, optionally, protecting sensitive documents and emails in both cloud and on-prem environments. AIP is a powerful tool (that we’ve discussed before) that can automatically apply labels and encrypt files based on admin-defined rules, and even protect documents after they’ve left an organization’s network. Changes to AIP Administration AIP was released in 2016, however, the product received…
An Amazon Macie Alternative

An Amazon Macie Alternative

| Adam Laub | | 1 Comment
If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool Amazon built to help S3 users discover, classify, and protect the sensitive data they store in their S3 instances. On a positive note, offering a tool like Macie is a good thing as Amazon S3 users have had their fair share of challenges keeping their buckets (and the data within them) out of harm’s way. The visibil…
Announcing StealthAUDIT 10.0 Mitigating Security Risks On-Premises and in the Cloud

Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud

| Dan Blidner | | 1 Comment
Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures (TTPs) attackers can use to infiltrate networks, elude detection, compromise credentials, and escalate privileges on their way to compromising enterprise data. Correspondingly, there is an ever-increasing number of storage platforms and repositories available to house the data security professionals need to protect, both on-premises and…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL