The cybersecurity industry is an ever-evolving landscape wherein businesses struggle to keep up with the dynamic security and cyber-threat landscape. Due to unprecedented events such as the COVID-19 pandemic, evolving IoT landscape, and the newly evolved techniques of sophisticated cybercrimes, businesses are grappling to deal with the growing cyber threats.
There are many arguments on either side of remote work, including whether it impacts an organization’s cybersecurity posture. While most people perceive risks to be higher while people are working from home, this is generally driven by a fear of the unknown. In reality, while some risk factors have changed in some cases, risk is often reduced in a remote working scenario.
Read also: Vodafone Italy discloses a data breach, crypto exchange Deribit suffers a $28 million hack, and more.
Security policies are still awaiting digital transformation. A key phrase in today’s cloud-driven world, “digital transformation” generally refers to the ongoing work of digitizing formerly paper-based processes. “Paper,” however, is not literal — many processes don’t use paper, but still flow as if they were. Uploading a document to Google Drive, in other words, doesn’t amount to digital transformation.
Phishing hackers have struck again; this time, US retail brand, Bed, Bath & Beyond has fallen prey to the attack. Only a few details are available to the broader public; however, there is much more than meets the eye.
As an entrepreneur, you're well aware of how devastating ransomware attacks can be. And as the frequency and magnitude of such attacks are constantly on the rise, devising a formidable plan to protect your startup from a ransomware attack is imperative. According to CrowdStrike 2022 Global Threat Report, there has been an 82% YoY increase in ransomware-related data leaks in 2021. What's more? According to Statista, there were 623.3 million ransomware attacks worldwide in 2021.
The world is changing rapidly, and cyber-attackers are adapting to it faster than the rate of development of security solutions. Advances in technology also lead to advances in cybercrimes backed by the evolution of cybercriminals. You cannot just stick to old-school techniques to prevent a data breach. Traditional security measures such as firewalls and antivirus software are not providing an adequate solution in the evolving cyber world.
That’s a wrap for Data Security Summit 2022! Last month, we gathered some of the wisest forces from the frontlines of cybersecurity to discuss why data security is a crucial component—and often a missing one—of a well-rounded security strategy.
Active Directory user objects possess a number of logon metadata attributes that are valuable for Active Directory audit reporting and administration. For example, they are commonly used to identify user accounts that have been inactive for a significant period, or as “stale” accounts. However, each logon metadata attribute has some unique behaviors that need to be understood.
One critical way that attackers gain access to an IT environment and escalate their privileges is by stealing user password hashes and cracking them offline. We covered a method for harvesting service account passwords in our post on Kerberoasting. Here we will explore a technique that works against certain user accounts, AS-REP Roasting. We’ll cover how adversaries perform AS-REP Roasting using the Rubeus tool and how you can defend your organization against these attacks.
