Cyber Security Awareness and Vulnerabilities Blog

Image
cs-inside-mind-of-an-attacker-post-breach-final-advice-

Getting Inside the Mind of an Attacker: After the Breach – Final Words of Advice

Oct 4, 2021
Having your Active Directory breached is bad enough, but an attacker who gains persistence is even more dangerous. The longer they are able to hide in your Active Directory forest, the better chance they have of gaining access to your organization’s crown jewels. Undetected, they can comfortably wait for the most opportune time to take control, stealing your organization’s most sensitive data and do with it what they please.
Image
Top 12 Vulnerability Scanners for Cybersecurity Professionals

Top 14 Vulnerability Scanners for Cybersecurity Professionals

Sep 27, 2021
Vulnerability scanners are valuable tools that search for and report on what known vulnerabilities are present in an organization’s IT infrastructure. Using a vulnerability scanner is a simple, but critical security practice that every organization can benefit from. These scans can give an organization an idea of what security threats they may be facing by giving insights into potential security weaknesses present in their environment.
Image
Three Tools for Maturing Your Vulnerability Management Program

Three Tools for Maturing Your Vulnerability Management Program

Sep 27, 2021
Cybersecurity has become an increasingly popular topic in day-to-day conversation, and the conclusion is always the same: organizations need to make cybersecurity a priority and work to create the best security strategy possible. However, there’s a big difference between understanding what you need versus knowing how to get it.
Image
least-privilege-access-management

What Does Least Privilege Access Actually Mean?

Sep 9, 2021
If you’re like most IT or security professionals, it seems harder than ever to manage the complexity of user access. Keeping track of access rights, roles, accounts, permissions, entitlements, credentials, and privileges is a never ending—and sometimes thankless—proposition.
Image
Core Impact Adds Integrations for Frontline VM and beSECURE

Core Impact Adds Integrations for Frontline VM and beSECURE

Sep 8, 2021
Core Security’s comprehensive penetration testing tool, Core Impact, can now import data from two additional vulnerability scanners: Frontline VM and beSECURE.
Image
Miscellaneous persistence techniques

Getting Inside the Mind of an Attacker: After the Breach – Miscellaneous Techniques for Achieving Persistence

Aug 31, 2021
In the first two parts of this series, we covered how attackers may attempt to gain persistence in Active Directory by forging Kerberos tickets or through domain replication abuse, and also discussed strategies to detect these methods.
Image
Getting Inside the Mind of an Attacker: After the Breach - Achieving Persistence with Domain Replication Abuse

Getting Inside the Mind of an Attacker: After the Breach - Achieving Persistence with Domain Replication Abuse

Aug 16, 2021
In part one of this series, we discussed how attackers may attempt to gain persistence in Active Directory by forging Kerberos tickets, as well as ways to detect these efforts. In this part, we’ll discuss another method attackers may use: domain replication abuse.
Image
What Types of Attacks Does SIEM Detect?

What Types of Attacks Does SIEM Detect?

Aug 16, 2021
Security Information and Event Management (SIEM) solutions are known for their ability to provide visibility into IT environments by monitoring data sources for unusual activity and contextualizing them for security insights.
Image
identity-access-management-remote-workforce

How to Strengthen Identity and Access Management with the Rise of a Hybrid Workforce

Aug 2, 2021
As organizations have made the transformational shift to a remote and hybrid workforce, IT and security teams are feeling increased pressure to better manage access to sensitive data and systems. The rise of a remote and expanded workforce has put additional strain on organizations and increased the potential for identity-related access risks.
Image
Why Do Ransomware Attacks Keep Happening?

Why Do Ransomware Attacks Keep Happening?

Jul 21, 2021
Did you know the first instance of ransomware was in 1989? Though we’ve moved on from floppy disks containing malware and cashier’s checks used to pay attackers, we are far from moving past ransomware. Instead, ransomware has become more streamlined, and is one of the most popular tools of both amateur and expert threat actors. Just about anyone can purchase a ransomware strain off the dark web or can have the work done for them with ransomware-as-a-service (RAAS).
Image
10 Exploits Cybersecurity Professionals are Concerned About

14 Exploits Cybersecurity Professionals Are Concerned About

Jul 21, 2021
Vulnerabilities can be found in just about any type of software—and even some pieces of hardware. Threat actors are all too eager to take advantage of these vulnerabilities, leveraging them to gain access to or escalate privileges in an organization’s IT infrastructure. When these vulnerabilities are discovered before the vendor is aware, these are known as zero-day threats.
Image
Pen tester in hoodie

Core Impact Issues Latest Exploit for PrintNightmare Flaw

Jul 19, 2021
The PrintNightmare flaw is aptly named—the serious remote code execution vulnerability in the Microsoft Windows Print Spooler service, CVE-2021-34527, can give an attacker the keys to the kingdom. The Print Spooler service does not restrict access to the RpcAddPrinterDriverEx function, allowing a remote authenticated account with low privileges to gain access from a single shared computer.
Image
network-monitoring-identity-governance

Network Monitoring and Identity Governance: How They Work Together to Enhance Your Security Posture

Jul 15, 2021
It’s no secret that keeping track of who has access to what in your organization has grown more complicated during the last year. Companies today are especially vulnerable because they often lack full visibility into the actual access levels employees possess and may not have the full picture of devices across their network infrastructure. Managing devices and user access is made even more challenging with millions of employees still working from home, leveraging devices, systems, applications, and collaboration tools that make remote work possible.
Image
after the breach part 1 thumbnail

Getting Inside the Mind of an Attacker: After the Breach - Achieving Persistence with Golden and Silver Tickets

Jul 8, 2021
In the first Inside the Mind of an Attacker series, we walked through scenarios of potential attacks on Active Directory, as well as techniques on how to identify and avoid breaches. In this series, we’ll transition to what happens after a successful compromise of Active Directory, in which an attacker attempts to gain persistence after the initial breach.
Image
Core Impact Version 21.1

An Even Better Way to Pen Test: New Features in Core Impact 21.1

Jun 30, 2021
The latest release of Core Impact has arrived! Version 21.1 demonstrates our commitment to allowing users to conduct advanced penetration tests effortlessly and efficiently. This release includes new features focused on increased visibility and ease of use, along with a simplified update process.
Image
4 Best Practices for Patch Management

4 Best Practices for Patch Management

Jun 28, 2021
As data breaches continue to dominate the headlines, suggestions for enhancing your cybersecurity stance are everywhere. While much of this advice may be worth following, it’s often complicated, entailing multi-step processes or requiring expert intervention. However, before you start exploring advanced options, it’s important to begin with the basics. When it comes to cybersecurity, the simplest advice is to always implement patches.
Image
role-design-access-security

Role-Based Access Control: Why It Delivers a Modern Approach for Managing Access

Apr 6, 2021
Relying on outdated methods to manage user access is both a constant struggle and a persistent risk to your business. Manually keeping track of users and entitlements is costly, time-consuming, and daunting. But with a modern role-based approach, you can embrace a smarter, simpler, more secure way to manage user access.
Image
Penetration Testing Frequency: How Often Should You Test?

Penetration Testing Frequency: How Often Should You Test?

Mar 30, 2021
Penetration testing has become an increasingly standard exercise, with organizations using either pen testing services or in-house teams to uncover weaknesses and assess their security posture.
Image
3 Reasons You Should Be Using SIEM

3 Reasons You Should Be Using SIEM

Mar 24, 2021
Security Information and Event Management (SIEM) solutions have been around for years, helping to identify and escalate critical security events. SIEM solutions have become integral to many organizations’ security portfolios. In fact, according to the 2021 SIEM Report by Cybersecurity Insiders, 74 percent of respondents ranked SIEM as very to extremely important to their organization’s security posture.
Image
Core Impact Tiered Pricing

How The Power of Core Impact is More Accessible Than Ever Before

Mar 8, 2021
Security teams are increasingly turning to penetration testing tools to advance their in-house programs through strategic exploitation automation. However, it can be challenging to round out a comprehensive and integrated pen testing toolset that meets both your organization’s requirements as well as your budget.
Image
privileged-access-management-lock

Why Privileged Access Management Matters Now More Than Ever

Mar 4, 2021
If the last year has demonstrated any lessons for IT and security teams, it’s this: managing privileged access should be a top priority for the business. When a large portion of the workforce began working remotely, there was a frenzy to extend access so individuals could perform their jobs from home. Yet this may have unintentionally caused inappropriate access levels to be extended to employees. This becomes especially problematic if those access levels are elevated or privileged within the business.
Image
connectors-gears-with-arrows

Three Ways an Identity Governance Solution Should Integrate with Enterprise Data

Feb 18, 2021
Chances are your organization is relying on an extensive number of enterprise applications, systems, and platforms to ensure successful execution of the business. According to an article in The Wall Street Journal, large organizations rely on an average of nearly 130 applications across their business, while smaller firms use around 70 applications on average.
Image
The Importance of Source Code Audits and Application Pen Tests thumb

The Importance of Static Application Testing and Application Pen Tests

Feb 15, 2021
Pen testing is a well-established practice for many organizations. With such diverse environments consisting of different applications from different vendors, it’s safe to assume security weaknesses are lurking somewhere. But why aren’t these security flaws found earlier, by the creators themselves? In this blog, we’ll explore why applications should also go through security testing and review during the development stage.
Image
remote-workforce-access

Remote Work Is Here to Stay: How to Deal with Access Risks Across an Expanded Workforce

Feb 11, 2021
While no one could have anticipated the way in which COVID-19 would change the workforce over the last year, perhaps even more unexpected is the lasting impact the pandemic will have on remote work. With millions of employees still working from home, organizations are especially vulnerable because they lack visibility into the actual access levels employees possess across the collaboration tools and applications that make remote work possible.
Image
3 Ways Core Impact Can Benefit Large Security Teams

3 Ways Core Impact Can Benefit Large Security Teams

Feb 2, 2021
As the need for regular security assessments continues to grow, penetration testing tools are helping organizations advance their in-house programs through strategic automation. However, there is a misconception that automated tools are best for those with a reduced headcount, like small teams or individuals.