Exploiting Service Accounts: Silver Ticket Attack

In the first post of this series we showed how an adversary can discover Active Directory service accounts with PowerShell, and the second post demonstrated how to crack their passwords using the Kerberoasting technique. Now let’s see how an attacker can exploit a compromised service account by using Kerberos Silver Tickets to forge TGS tickets.

Using Containers Responsibly

Tools to package your applications and services into container images abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!

SANS 2022 Report Moving to a State of Zero Trust

In this webcast, SANS certified instructor Matt Bromiley will explore the concept of zero trust and what it means to security teams and your overall security posture. As a concept, zero trust is relatively straightforward: Trust no one until verified, inside or outside the network. However, this is often easier said than done, especially for systems built on legacy authentication models. Matt will also examine what a zero trust implementation looks like, how this can stop adversaries dead in their tracks, and what your organization can do to begin moving toward a state of zero trust.

Coffee Talk with SURGe: Twitter Whistleblower, Roasting Oktapus, Montenegro Cyberattack

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news. Mick and Ryan competed in a 60-second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.

China-Taiwan Threat Intelligence Landscape

Over the past couple of months, the tension between China and Taiwan has increased dramatically. The well-known conflict between the two began in 1949, when Taiwan became a self-governing state, while Beijing still considers the island part of its territory. Beijing has promised to “unify” Taiwan with the rest of the mainland, using force if necessary.

Squiz Matrix CMS Authenticated Privilege Escalation through IDOR

During a recent engagement, Trustwave SpiderLabs discovered an Insecure Direct Object Reference (IDOR) vulnerability within Squiz Matrix CMS which would allow any low-privileged user to change the contact details of any other user on a Squiz Matrix instance (including administrators). An attacker exploiting the vulnerability could change an administrator’s email address to an attacker-controlled email address, after which the attacker could reset the administrator’s password.

Detecting Ransomware on Unmanaged Devices

“If a tree falls in a forest and no one is around to hear it, does it make a sound?” If an unmanaged device is infected with ransomware, will the security operations team receive an alert? Consider a contractor or employee who uses their personal laptop for work. If that device becomes infected with ransomware, it poses a risk to the organization’s data and to other devices within the organization, yet the device is not centrally managed.

Is It Really That Easy for MSPs to Consolidate to One Security Vendor?

Gartner predicted that in three years, “80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.” It seems like it wasn’t too long ago that the security industry was recommending multiple vendors to safeguard your business. Now the pendulum swings the other way. Fortunately, it’s a healthy sign for the cybersecurity industry.