In this blogpost, we will take a close look at file access auditing on an EMC Isilon file system by leveraging native technologies. We will walk through the configuration process and explore the common challenges faced when working with the resultant audit logs.

Amazon Web Services (AWS) is the world’s largest cloud provider, with well over a million active users. The popularity of AWS makes it one of the biggest targets for cybercriminals — and one of the leading contributors to breaches is incorrectly configured Amazon S3 buckets. For example, an insecure bucket led to the unauthorized access of 23 million documents and 6.5 TB of data belonging to Pegasus Airlines.

Data lifecycle management (DLM) is the process of safeguarding data appropriately throughout its existence. The basic data lifecycle stages are creation, storage, data usage, sharing and destruction: Figure 1. The 6 basic data lifecycle management stages The goal of DLM is to ensure data security and regulatory compliance during all stages without throttling business productivity. Achieving this goal requires different processes and policies at various times during the data lifecycle.

Whether you realize it or not, service accounts represent a major risk to your data security. This article explains the fundamentals of service accounts and how attackers can exploit them so you can prevent yours from being compromised.

Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command. An adversary can use this command to register a malicious Security Support Provider (SSP) on a Windows member server or domain controller (DC) — and that SSP will log all passwords in clear text for any users who log on locally to that system.

Complex cyberattacks dominate the headlines, making breaches seem sophisticated. In reality, most hacks are unbelievably simple and involve attackers targeting well-known configuration security gaps. In fact, cyberattacks are rather common. According to IBM, 83% of companies have experienced more than one breach while in operation.

The Active Directory linked attribute is a special type of Active Directory attribute that is used to describe relationships between objects. This post explains what linked attributes are and how they work.