Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2020

IT security under attack blog series: Instant domain persistence by registering a rogue domain controller

In this blog in the IT security under attack series, we will learn about an advanced Active Directory (AD) domain controller (DC) attack to obtain persistence in AD environments. Dubbed DCShadow, this is a late-stage kill chain attack that allows a threat actor with admin (domain or enterprise admin) credentials to leverage the replication mechanism in AD to register a rogue domain controller in order to inject backdoor changes to an AD domain.

Five worthy reads: The rise in credential stuffing attacks

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week we explore how credential stuffing attacks are evolving and why they pose a greater threat than meets the eye. Credential stuffing is perhaps the simplest form of cyberattack, but it continues to make headlines despite its lack of sophistication. It has become the attack method of choice for cybercriminals primarily because of its high success rate and ROI.

5 user behavioral patterns to look out for in a decentralized workspace

Problem: If there are thousands of employees scattered around hundreds of places, how do you keep your organization’s network safe? Solution: You should monitor your employees wherever they’re located, and devise a standard baseline of their behavior through machine learning techniques. By using that information, you can identify anomalies and protect your network from cyberattacks.

CybersecAsia Awards 2020 recognizes ManageEngine for its leadership in cybersecurity

ManageEngine’s Log360 was recently honored with the CybersecAsia Award for the Best User and Entity Behavior Analytics software application. The award certifies the important role, and the innovative technology brought to the table by Log360 over the past two years. Elevated cybersecurity risks currently experienced by organizations have driven the sudden adoption of the cloud and increased workforce mobility.

Port scanner 101: What it is and why should you use it

In today’s complex network infrastructure comprised of diverse resources, devices, and users, port scans represent a significant amount of network traffic. Crackers and hackers alike use port scanners to discover port vulnerabilities that can become attack vectors to malicious outcomes. In this post, we discuss the fundamentals of port scanning, and why you need to deploy an effective port scanner software on your network right now.

Alert AA20-302A: Federal agencies warn about ransomware attacks targeting hospitals

A cybersecurity bulletin was released by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) on October 28, 2020. The three agencies have issued a high-level warning about an increased, imminent threat of ransomware attacks in the healthcare sector. The cybercriminal group behind the TrickBot, Ryuk, and BazarLoader malware is now targeting U.S. hospitals and healthcare providers.

Tackling your network security challenges using ManageEngine ITOM solutions

Network security management typically entails end-to-end management of the entire network security infrastructure of an enterprise. However, in this rapidly changing security ecosystem, there’s an inherent need for IT admins to be extremely agile to maintain an effective security posture.