Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How Adversaries Achieve Persistence using AdminSDHolder and SDProp

Once an adversary has compromised privileged credentials, for example, by exploiting an attack path, they want to make sure they don’t lose their foothold in the domain. That is, even if the accounts they have compromised are disabled or have their passwords reset, they want to be able to easily regain Domain Admin rights. One way to achieve this persistence is to exploit features of Active Directory that are intended to keep privileged accounts protected: AdminSDHolder and SDProp.

Splunk Products Reviews in 2023: Splunk Enterprise, Splunk Cloud & Splunk Enterprise Security

Today, cybersecurity is a non-negotiable for business success. Original research from our annual State of Security confirms this is no easy task – which is why we are proud that the solutions we deliver help make organizations digitally resilient. Splunk Cloud, Splunk Enterprise and Splunk Enterprise Security are our most well-known and popular solutions, which we’ll share more about below.

NIST 800-124 Cybersecurity Publication Revision: How to Implement Mobile Security

In today's increasingly mobile-driven world, securing our digital assets and protecting sensitive information is of paramount importance. To address this need, the National Institute of Standards and Technology (NIST) recently released the latest version of their publication, NIST 800-124 Rev. 2: Guidelines for Managing the Security of Mobile Devices in the Enterprise.

Nearly 6k Patients Lose Data to Utah Medicaid Breach

The Utah Medicaid office offers healthcare to qualifying patients throughout the state. These patients rely on the organization to provide them with their medical insurance and to offer other services to them. While providing those services, the organization maintains health and wellness information as well as personal data. That's why it's concerning that the Utah Medicaid office recently experienced a self-caused data breach.

Weekly Cybersecurity Recap June 16

Data breaches are becoming more prevalent and serious each week in 2023, but this week was a bad one for the MOVEit file transfer service, as well as medical organizations and schools and school districts. Anyone utilizing MOVEit should immediately patch the service for their protection, but we're going to go into specifics about that breach, as well as breaches impacting the Pearland, Texas school district, Intellihartx, the MN Department of Education, and the Utah Medicaid system.

Helping Customers Optimize and Secure Digital Transformation

Rewind a couple of years and enterprises were heavily focused on acquiring new tech to drive forward their digitization plans. Then, when the pandemic struck, organizations were forced to fix any technology gaps in their environment and digitize services to hastily plug these gaps.

How to Use Algorithms to Identify Suspicious Activity in Real-Time

The growth of fraudulent activity poses a significant threat to businesses in today's increasingly digital environment. The techniques fraudsters use are continuously evolving, making it difficult for traditional rule-based systems to keep up, as the estimated corporate revenue lost to fraud stands at $4.7 trillion globally every year. Employing increasingly advanced and dynamic fraud detection techniques has become essential. Machine learning is the most promising technology tool to combat financial fraud.

10 Cybersecurity Tips for Business Travel & Remote Employees

Many modern organizations operate in a distributed model, with branch locations and endpoints deployed outside of a physical office. The concept of the network perimeter has expanded dramatically in recent years. It has been pushed by two significant post-pandemic milestones: the implementation of remote work and the return to business travel.

A Cybersecurity (Installation) Odyssey in the South Pacific

Trustwave recently completed an almost three-year-long project that took the team to several of the most exotic Pacific paradises on the map. The trip was not a vacation as we spent long days helping install a wide variety of defensive platforms designed to protect national governments from cyberattacks, but one really couldn’t complain about the location.

Secure egress access with DNS Policy and NetworkSets

One of the common concerns about migrating applications to Kubernetes is the control over the network traffic egressing your environment. Due to its highly dynamic architecture, Kubernetes will not tie a specific IP address to an application by default. Instead, it will lease a different IP address from an IP pool whenever the application restarts.