Privilege Escalation Blog Terms - Attivo Networks

Privilege Escalation

Help Net Security Logo

Obstacles and threats organizations face when protecting AD

Attivo Networks announced the availability of a research report conducted by Enterprise Management Associates (EMA) which focuses on Active Directory (AD), exploring the obstacles and threats organizations face when protecting AD and how they adapt to address these growing concerns. As evidence of the value that attackers place in exploiting Active Directory and the privileges it contains, …


Beta news logo

Half of businesses experience attacks on Active Directory

Active Directory, the directory-based identity services platform, is used by 90 percent of enterprises worldwide, making it an attractive target for hackers. New research part-sponsored by Attivo Networks and conducted by Enterprise Management Associates (EMA) shows half of organizations experienced an attack on Active Directory in the last two years, with over 40 percent saying the attack was …


Hacker Noon Website Logo

Understanding Lateral Movement and How to Detect It

By Carolyn Crandall, chief security advocate, Attivo Networks

Lateral movement broadly applies to an attacker’s activity within the network after penetrating perimeter defenses, using various tactics, techniques, and procedures (TTPs). Today’s organizations must understand those TTPs and ensure that their controls are effective across on-premises, remote, and cloud attack surfaces. The MITRE ATT&CK framework plays a beneficial …


Attivo Networks’® EDN Solution Integrates with SentinelOne Singularity XDR to Deliver Protection Against Credential-Based Attacks

Integration couples unparalleled endpoint security with Active Directory protection, credential theft detection and credential exposure prevention

FREMONT, Calif. – April 27, 2021 – Attivo Networks®, the industry experts in lateral movement attack detection and privilege escalation prevention, announced today a new integration for the Attivo EDN Suite with SentinelOne’s Singularity XDR platform. With an uptick …


Data Connectors and Attivo Networks Web Briefing: Stopping Privilege Escalation without Breaking the Bank

Join this CISO Panel that will cover why attackers have been successful gaining privileged access and discuss practical approaches that help organizations modernize their security defenses. Recent headlines underscore the problem of privilege escalation. However, CISOs are torn between strategy and firefighting. It often seems that protecting corporate assets, confidential data, and uninterrupted service …


Hafnium Microsoft Hack – Active Exploitation of Microsoft Exchange and Lateral Movement

Written by the Attivo Research Team – Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan

Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known as Hafnium operating out of China. After the initial compromise, Hafnium operators accessed email accounts and deployed web shells on the compromised servers, which they then used to steal data and expand the attack. Because enterprises deploy Outlook Web Access (OWA) on public networks, the group was able to compromise many organizations across a large set of industries, according to ThreatPost’s blog.

The SolarWinds Attack: How to Address Lateral Movement On-Demand Webinar

Joseph Salazar, Technical Marketing Manager | Attivo Networks

22 mins

The SolarWinds supply chain breach garnered much attention and concern, especially for potentially vulnerable organizations. While the compromise method was novel, analysis indicates that the attackers used typical in-network attack activities, such as credential theft, privilege escalation, discovery, and lateral movement. To defend against such …
