Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Data Lifecycle Management

Data lifecycle management (DLM) is the process of safeguarding data appropriately throughout its existence. The basic data lifecycle stages are creation, storage, data usage, sharing and destruction: Figure 1. The 6 basic data lifecycle management stages The goal of DLM is to ensure data security and regulatory compliance during all stages without throttling business productivity. Achieving this goal requires different processes and policies at various times during the data lifecycle.

Stealing Credentials with a Security Support Provider (SSP)

Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command. An adversary can use this command to register a malicious Security Support Provider (SSP) on a Windows member server or domain controller (DC) — and that SSP will log all passwords in clear text for any users who log on locally to that system.

Compromising SQL Server with PowerUpSQL

If you’re after a toolkit to own Microsoft SQL Server from end to end, what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise and own just about any SQL system. It’s the whole kill chain in one tool. This article details how to perform the critical attack steps using PowerUpSQL.

PowerShell Tips and Tricks for Scripting in Active Directory Test Environments

PowerShell is one of the most efficient management methods in the Windows Server world. This article offers tips and tricks to learn about one of the most common scripting scenarios: using PowerShell in test, demo and quality assurance (QA) environments, which frequently need to be rebuilt or adjusted to fit a new need or process. We’ve chosen the most useful PowerShell tips based on real-world experience with colleagues and customers.

Using Windows Defender Credential Guard to Protect Privileged Credentials

The compromise of a single Active Directory credential can lead to unauthorized access to your servers, applications, virtualization platforms and user files across your enterprise. One of the reasons for credential vulnerability is that Windows stores credentials in the Local Security Authority (LSA), which is a process in memory.

Cutting Down the AD Red Forest

Microsoft recently updated its guidance for how organizations should approach privileged access in Active Directory (AD). A key component is shifting from the tiered access model (TAM) and the Enhanced Security Admin Environment (ESAE) (also known as the Active Directory Red Forest) to the Enterprise Access Model (EAM). This article explains the drawbacks of the older models and the key principles of EAM.

Tips for Better Password Management

Even as more advanced forms of authentication, such as biometrics, are developed and implemented, passwords continue to be a commonly used form of authentication. This is partly due to the fact that they are relatively simple to implement and require little infrastructure to support. However, the fact that they are so widely used also means that they are a common target for hackers, which is why it’s so important to use strong, unique passwords and manage them properly.