As everyone has surely heard by now, Elon Musk has bought Twitter. The controversial tech maverick's takeover of the site has caused some consternation for the site's users, employees, and advertisers - and has also proven a golden opportunity for scammers. Numerous verified Twitter users have reported receiving phishing emails from fraudsters, purporting to be a legitimate message from the website.
The cybersecurity industry is an ever-evolving landscape wherein businesses struggle to keep up with the dynamic security and cyber-threat landscape. Due to unprecedented events such as the COVID-19 pandemic, evolving IoT landscape, and the newly evolved techniques of sophisticated cybercrimes, businesses are grappling to deal with the growing cyber threats.
That’s a wrap for Data Security Summit 2022! Last month, we gathered some of the wisest forces from the frontlines of cybersecurity to discuss why data security is a crucial component—and often a missing one—of a well-rounded security strategy.
Active Directory user objects possess a number of logon metadata attributes that are valuable for Active Directory audit reporting and administration. For example, they are commonly used to identify user accounts that have been inactive for a significant period, or as “stale” accounts. However, each logon metadata attribute has some unique behaviors that need to be understood.
Cybersecurity is front and center as part of our national defense strategy. Civilian networks responsible for life-sustaining services such as water and power must be protected with the same vigor as networks that host sensitive data. To accomplish this the Department of Homeland Services developed the Continuous Diagnostics and Mitigation (CDM) program in 2012.
One critical way that attackers gain access to an IT environment and escalate their privileges is by stealing user password hashes and cracking them offline. We covered a method for harvesting service account passwords in our post on Kerberoasting. Here we will explore a technique that works against certain user accounts, AS-REP Roasting. We’ll cover how adversaries perform AS-REP Roasting using the Rubeus tool and how you can defend your organization against these attacks.
There are many arguments on either side of remote work, including whether it impacts an organization’s cybersecurity posture. While most people perceive risks to be higher while people are working from home, this is generally driven by a fear of the unknown. In reality, while some risk factors have changed in some cases, risk is often reduced in a remote working scenario.
Christmas shopping season is a lucrative time of year for cybercriminals. In the UK alone, shoppers lost more than £15 million to fraud in the run-up to Christmas 2020. Of this, £2.5 million was lost over a single weekend: Black Friday to Cyber Monday. Online shopping scams are expected to ramp up ahead of Black Friday this year, too. Card cracking is particularly high risk, as heightened traffic volumes make it more difficult for many retailers to detect high volume brute force attacks.
