Elastic continues to provide customers the ability to modernize their security operations programs. Today’s launch celebrates several initiatives that together equip customers to modernize security operations, including.

DCShadow is a feature in the open-source tool mimikatz. In another blog post, we cover without detection once they’ve obtained admin credentials. But DCShadow can also enable an attacker to elevate their privileges. How can a Domain Admin elevate their access even higher? By obtaining admin rights in other forests. Leveraging SID History, an attacker can add administrative SIDs to their user account and obtain admin level rights in other trusted domains and forests.

The rapid proliferation of cloud technology has empowered organizations to meet complex challenges with innovative solutions. This flexibility, however, is the antithesis of security — each new cloud solution that an organization adopts expands their attack surface.

The overpass-the-hash attack is a combination of two other attacks: pass-the-hash and pass-the-ticket. All three techniques fall under the Mitre category “Exploitation of remote services.” In an overpass-the-hash attack, an adversary leverages the NTLM hash of a user account to obtain a Kerberos ticket that can be used to access network resources.

We’re thrilled to share that, for the third year in a row, WatchGuard has been recognized in the 2022 TrustRadius Tech Cares Awards! This exclusive awards program honors companies that demonstrate compassion in every aspect of their organization and celebrates the best parts of the tech market and those working in the industry.

As an employer, you have both a moral and legal obligation to shore up sensitive information about your employees. Sensitive information includes genetic and biometric data, medical records, SNNs (social security numbers), and criminal history records, just to name a few. Fail to do so, and you will open yourself up to loads of risk. Hackers are constantly on the hunt for applicant and employee data that they can further sell on the dark web or use to perpetrate fraud.

Snyk, the leader in developer security, is excited to share that we’ve been named a Customers’ Choice in the 2022 Gartner Peer Insights ‘Voice of the Customer’: Application Security Testing. Gartner defines the Application Security Testing category as products and services designed to analyze and test applications for security vulnerabilities. This distinction is based on meeting or exceeding overall rating, user interest, and adoption.

You always want to know what is attached to your network. And whether it could be vulnerable or not. In any organisation it’s normal for different devices, on- or off-prem, wired or wireless, to be constantly added or removed – and this can present an opportunity for malicious hackers to take advantage of improperly secured systems. In many cases, organizations have no idea about how many assets they have, let alone where they are all located.

This summer, we launched Investigator, Corelight’s SaaS-based network detection and response (NDR) solution that fuses rich network evidence with machine learning and other security analytics to unlock powerful threat hunting capabilities and accelerate analyst workflows. Today, we are pleased to share that the Investigator platform is engaged in attestation for GDPR to support customer threat hunting and incident response operations across Europe.