Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Social engineering attack is the process of exploiting weaknesses in human psychology to manipulate and persuade others to perform in a way that is harmful. Prior to the digital age, criminals would carry out these attacks in person, in what was known as a confidence game. The perpetrators were referred to a “con men”, regardless of their gender.

When I try to join a new Windows workstation or server to an Active Directory (AD) domain, I sometimes encounter the following error: “An Active Directory Domain Controller (AD DC) for the domain ‘domainname’ could not be contacted.” This error can occur due to any of several reasons, from a simple incorrect DNS server IP address to a much more complex issue.

Vietnam’s government is taking steps to combat online scams and other forms of cybercrime by making it mandatory for users of Facebook, TikTok, and other social media networks to verify their identities using real-time identity verification. According to the Global Anti Scam Alliance, Vietnam has one of the highest rates of online fraud in Asia.

Attackers use a variety of tactics to spread laterally across on-premises Windows machines, including Pass-the-Ticket, Pass-the-Hash, Overpass-the-Hash and Golden Tickets attacks. But similar techniques are also effective in moving laterally from a compromised workstation to connected cloud resources, bypassing strong authentication measures like MFA. This article explains how attackers can perform lateral movement to the cloud with an attack called Pass-the-PRT.

In today’s digital landscape, businesses face a multitude of regulatory requirements designed to safeguard sensitive data and protect individuals’ privacy. Compliance with regulations such as HIPAA, GLBA, CMMC, PCI, and others has become paramount, making it essential for organizations to have robust log management solutions in place.