By Carolyn Crandall, Chief Security Advocate, Attivo Networks. Reports of new ransomware attacks are filling the news on a daily basis. What is less commonly promoted is that they all have one common element: the leverage of Active Directory (AD). This technology is responsible for critical authentication and authorisation processes across enterprise resources and it can be …
Join this session to explore new options that automate defending AD from compromise to prevent lateral movement.
Written by: Venu Vissamsetty – VP Security Research, Attivo Networks – Security researcher Gilles Lionel recently disclosed an attack technique named PetitPotam, allowing attackers to achieve domain compromise with just network access to the Enterprise infrastructure. The technique is a classic NTLM relay attack on any offered server services (e.g., a domain controller). Lionel also released proof-of-concept code on GitHub, demonstrating how attackers can use this specific attack technique to achieve domain compromise. Several other security researchers confirmed the severity and impact of this attack technique soon afterward.
The Denver Virtual Cybersecurity Summit will offer an opportunity for cybersecurity professionals to connect, learn, and grow professionally. This live, virtual experience will help you navigate the complicated waters of information security on behalf of your organization. Join our session: Disrupting Lateral Movement by Securing Active Directory at 9:00 am MDT Organizations continue to build …
Denver Virtual Cybersecurity Summit by Data Connectors Read More »
By Carolyn Crandall, chief security advocate, Attivo Networks Lateral movement broadly applies to an attacker’s activity within the network after penetrating perimeter defenses, using various tactics, techniques, and procedures (TTPs). Today’s organizations must understand those TTPs and ensure that their controls are effective across on-premises, remote, and cloud attack surfaces. The MITRE ATT&CK framework plays a beneficial …
Understanding Lateral Movement and How to Detect It Read More »
Attivo Networks, a provider of defense and deception technologies, is collaborating with the Department of Defense to deliver the latest active defense tools intended to support warfighters’ adversary management. The company said Thursday its ThreatDefend platform is designed to be capable of deploying attack intelligence to the Common Operating Picture and uses modernized deception and machine learning …
The Great Plains Region Virtual Cybersecurity Summit is drawing upon some of the region’s preeminent cybersecurity experts. Headlined by Special Agent in Charge Joe Scargill of the US Secret Service’s Minneapolis Field Office, the keynote session will cover some of the unique needs of this region, titled “Cybersecurity Protective Advance: A Briefing from the US …
Great Plains Virtual Cybersecurity Summit by Data Connectors Read More »
Attivo Networks®, the leader in identity detection and response, today announced a new Cloud Infrastructure Entitlement Management (CIEM) solution, IDEntitleX, designed to deliver visibility and reduce the attack surface for identities and entitlements in the cloud.
Active Directory (AD) remains the first target for attackers, often abusing misconfigurations that the security and operations teams are unaware exist. Gaining visibility into exploitable Active Directory states has been a highly expensive, labor intensive, manual engagement process until now. Join Attivo Networks and Carahsoft to learn about the vulnerabilities and exposures in AD that …
By Carolyn Crandall, chief security advocate, Attivo Networks Active Directory (AD) is one of the most valuable targets for cyberattackers because it handles authentication and authorization across all enterprise resources and touches virtually everything on the network. AD is complicated to secure, and today, red teams estimate that they can compromise it 100% of the time. …
