Day after day, we see the evidence of an increased number of breaches. As a Privileged Account Management (PAM) provider, we are also seeing a similar increase in requests for proposals on our Core Privileged Access Manager (BoKS) solution. What is most interesting is that a large number of security professionals who contact us indicate that they are not not even sure what privileged accounts are...

“Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even with newer models for virtualization appearing on...

Authored by: Julio Sanchez In part 3 of this series, we examined a penetration testing engagement that the Core Security Services team performed, simulating an insider attacker with low-level credentials escalating their privileges with Kerberos tickets and pass-the-hash attacks. In this final scenario, we’ll explore another insider attack engagement, demonstrating how different techniques can be...

Implementing an Identity Governance and Administration (IGA) solution can be a daunting task. Organizations of all sizes recognize the complexity of mitigating identity-related access risks across countless devices, applications, and systems, but need a way to see through the competing priorities and to understand that IGA is not an all or nothing proposition. Rather than a destination, Identity...

A common tactic of attackers trying to breach an environment is to use an exploit against a known vulnerability in an application or device present in a targeted infrastructure. Exploiting a vulnerability can provide an attacker with privileges or capabilities they would not normally be granted. In order to provide insight into what threat actors might be able to do, pen testers also use exploits....

Authored by: Julio Sanchez In part 2 of this series, we examined a penetration testing engagement that the Core Security Services team performed, simulating an external attacker with no internal access finding entry using a password spray attack, eventually gaining control of Active Directory. Continuing our exploration of Active Directory attacks, we’ll share another scenario in order to further...

The impact of COVID-19 has been far-reaching across nearly every sector. Millions of employees now work remotely, making companies particularly vulnerable when it comes to external access risks. Many organizations lack a centralized process to manage user access to accounts and resources. They often have limited visibility into access levels users possess to data and systems within their network....

Financial services information security continues to be a top priority across the entire financial sector—and for good reason. The Verizon Data Breach Investigations Report found that financial profit or gain was the primary motivation in 71 percent of all information security incidents, making financial services organizations a prime target for attack. According to the Bitglass’ Financial Breach...

For small and mid-sized organizations, mitigating identity-related access risks may seem like a never-ending struggle they face on their own. Tasked with supporting countless systems, networks, and applications with access to key data, they frequently have limited staff and rely on manual user provisioning and deprovisioning. They may depend on decentralized processes for managing accounts...

Authored by: Julio Sanchez In part 1 of this series, we explored what makes Active Directory so appealing to threat actors, and how attacks can severely harm an organization. For the remainder of the series, we’ll walk through several examples taken from penetration testing engagements the Core Security Services team has performed to explore ways attackers may target Active Directory, and discuss...