Resources

External Attacks on Active Directory
Blog

Getting Inside the Mind of an Attacker Part 2: External Attacks on Active Directory

Tue, 09/22/2020
Authored by: Julio Sanchez In part 1 of this series, we explored what makes Active Directory so appealing to threat actors, and how attacks can severely harm an organization. For the remainder of the series, we’ll walk through several examples taken from penetration testing engagements the Core Security Services team has performed to explore ways attackers may target Active Directory, and discuss...
Penetration Testing
Phishing
Mysterious hacker
Article

Are your Domain Controllers Protected from CVE-2020-1472 Zerologon Attacks?

What You Need to Know About Netlogon and Zerologon On September 11th, 2020, researchers at Secura published information on a critical vulnerability in Microsoft’s Netlogon authentication process which they dubbed “Zerologon." It is a cryptographic flaw that has a clear path to full takeover of an Active Directory domain. The vulnerability allows an attacker to reset the machine account password of...
Penetration Testing
Identity-Access-Management-Lock-Image
Blog

The Intersection of RPA and IGA: Why Automation and Identity Governance Go Hand-in-Hand

Wed, 09/16/2020
The rise of robotic process automation (RPA) during the last several years has enabled organizations to adopt new technologies that drive efficiencies across their business. RPA solutions leverage software robots that communicate with business systems and applications to streamline processes and reduce the burden on employees for completing mundane, repetitive tasks. Embracing new technologies...
IGA
3 Reasons Every Organization Should Leverage Third-Party Pen Testers
Blog

3 Reasons Every Organization Should Leverage Third-Party Pen Testers

Tue, 09/15/2020
Penetration testing, also known as a pen test, is a security exercise that reveals an organization’s security vulnerabilities through a defined testing process. A penetration test may focus on networks, applications, physical facilities, individuals, and more. As cybersecurity breaches continue to plague organizations, compliance mandates are expanding, more organizations are attempting to deploy...
Penetration Testing
Blog

Perspectives on the Changing Linux Ecosystem

Thu, 09/10/2020
In the early 1990s the Open Software Foundation formed a committee to select and standardize a new Management Platform Toolset for and from the UNIX ecosystem. After much soul searching over a few months the OSF Management Platform never arrived. One of the committee, from the team that invented The Newcastle Connection (1980s *NIX history, go Google it) made a compelling presentation explaining...
PAM
Password Attacks Thumbnail
Blog

6 Ways to Defend Yourself Against Password Attacks

Wed, 09/09/2020
Ever since Ali Baba uttered “open sesame,” thieves have been using stolen passwords to access hidden riches. In the digital world, password attacks have been and continue to be a common way for threat actors to gain access to an organization’s treasure trove of data. No matter how many emails we get from IT explaining what makes a good password, many of us still use the same basic password in...
Penetration Testing
Phishing
5 Security Tips
Blog

5 Things You Need to Know about Ransomware

Wed, 09/09/2020
Earlier this year, we mentioned ransomware as a trend to watch in 2017. While some experts believe it will hit a plateau this year, that doesn’t mean that it will be any less harmful to businesses and consumers alike. Here are 6 things to know about ransomware: 1. Ransomware will be harder for you to detect Bad actors know that targeting businesses is harder due to the safeguards most...
Threat Detection
Video

Responding to Ransomware: Steps to Take to Reduce Your Risk

Wed, 09/09/2020
Ransomware is used to gain and withhold access to an organization’s data, threatening to either destroy or publicly publish it unless a ransom is paid. However, there is no guarantee the data will actually be returned. The result is often devastating, and recovery can cost far more than the initial ransom when you factor in damage to the reputation, loss of productivity, and lost business. Watch...
Threat Detection
How Mature is Your Vulnerability Management Program?
Blog

How Mature is Your Vulnerability Management Program?

Wed, 09/02/2020
Security vulnerabilities are one of the most common problems in cybersecurity today, as they may exist in operating systems, services and application flaws, improper configurations or risky end-user behavior. According to the statistics from the Common Vulnerabilities and Exposures list, 12,174 new vulnerabilities were uncovered in 2019—over 13 times as many as were discovered in 1999, when the...
Penetration Testing
Red Team
Compliance
IGA and the Cloud: What You Need to Know
Blog

IGA and the Cloud: What You Need to Know

Fri, 08/28/2020
With the rise of cloud computing, organizations have expanded their reliance upon cloud platforms. Many have expanded their capabilities and capacity through cloud servers, while others have adopted a hybrid approach that includes both cloud and on-premise environments. Gartner predicts that by the end of 2020, ‘75 percent of organizations will have deployed a multi-cloud or hybrid cloud model,’...
IGA
Blog

Tips for Helping Vulnerability Managers Sleep Easier

Thu, 08/27/2020
Wouldn’t it be nice to sleep easy at night and not have to worry if your vulnerability management program is really catching all the vulnerabilities that could be and are in your environments? Wouldn’t it even be nicer if you could get them prioritized by risk and truly make sure they are mitigated or remediated based on what attackers may try to leverage first? How about that resource(s) who now...
Blog

4 Steps to a Winning Vulnerability Management Program

Thu, 08/27/2020
Many winning vulnerability management programs have evolved to include additional solutions and workflows, beyond scanning, adding to a larger picture required to truly understand how an adversary could and will attack. Here are few best practices to keep in mind when maturing your own vulnerability management program: 1. Understand your company’s risk Do you know how much risk is acceptable to...
Security Tips
Blog

The Biggest Problem with User Access and How To Fix It

Thu, 08/27/2020
Did you know that one of the top nine attack types consistently covered in Verizon’s Data Breach Report are insider threats and privileged misuse? According to this year’s report, 66% of insiders steal information in hopes of selling it for cash, 17% are just unsanctioned snooping and 15% are taking it in order to take the information to a new employer. What is the root cause of all of these...
IGA
Security lock breaking
Blog

6 Realities for Effectively Managing Privileged Accounts

Thu, 08/27/2020
Big or small, every organization has accounts that hold ‘keys to the kingdom’ credentials. Almost every account holds some level of privilege that can potentially be compromised, resulting in not only financial, but reputational damage. Looking at top patterns in the 2016 Verizon Data Breach Investigations Report, insider and privileged misuse lands the second most common cause of breaches, 16% of...
PAM
Pen tester in hoodie
Blog

4 Common Mistakes in Pen testing

Thu, 08/27/2020
Are you guilty of any of these mistakes in your pen-tests? Maybe you've never done these before and now you'll forever remember these as things to avoid when running any future penetration tests. 1. Improperly disposed network gear It’s surprising how often there are still configurations on network gear after disposal. This is putting your company at risk beyond their lifespan. 2. Devices with...
Penetration Testing