ransomware Blog Terms - Attivo Networks

ransomware


Research finds attackers targeting Active Directory: 50% of businesses experienced an attack with >40% success

GUEST RESEARCH: Attivo Networks, the experts in preventing identity privilege escalation and detecting lateral movement attacks, today announced the availability of a new research report conducted by Enterprise Management Associates (EMA) and commissioned in part by Attivo Networks. The report focuses on Active Directory (AD), the directory-based identity services platform used by 90% of enterprises …


Threat actors more frequently — and successfully — target Active Directory

Dive Brief: Half of large companies have been the subject of a cyberattack on Active Directory (AD) services in the last one to two years, a report from Enterprise Management Associates on behalf of Attivo Networks and Tenable found. In 42% of those attempts, the attacks were successful, according to the survey of 250 IT professionals and executives …


Cybersecurity Warning: Lateral Movement Tactics Security Experts Should Recognize

Today’s Lateral Movement Tactics: Be Warned. Protecting against today’s most dangerous lateral movement tactics is increasingly critical, with AD as vulnerable as it is. Attackers use a wide range of strategies to move about undetected. The list below covers a selection of the most common and potentially damaging tactics. For defenders, knowing what to look …


13 Lateral Movement Tactics Security Experts Should Recognize

One of the most curious elements of this year’s Verizon Data Breach Investigations Report (DBIR) was the inclusion of the new attack pattern “system intrusions.” Representatives from Verizon identified the category as a broad one that tends to include attacks with many steps, indicating significant lateral movement within the network. Research shows that many recent …


Leveraging MITRE Shield to Defend Against Ransomware

Written by: Joseph R. Salazar, CISSP, CEH, EnCE – Ransomware attacks have evolved and grown in number. Traditional ransomware sought to spread and encrypt as many endpoints as possible, but Ransomware 2.0 attacks employ advanced methods or have a human controller directing their activities. These attacks spend much more time conducting discovery to identify business-critical assets for encryption. Because these assets are essential for business continuity and daily operations, the organization is more likely to pay to recover them instead of spending the money on endpoint systems they could re-image and recover. Attackers encrypting the entire Active Directory server infrastructure can demand much higher ransoms, and the organization must pay or else lose money, time, and resources attempting to restore operations. Additionally, these attackers often exfiltrate data and threaten to release it to induce ransom payment, often demanding a second ransom to prevent the release of the information.


The Cybersecurity 202: Cyber experts give Biden top marks at six months

At his six-month mark in office, President Biden is making the right moves to ensure the United States is safer in cyberspace, according to an overwhelming majority of cybersecurity experts we polled. Biden’s term has been marked by a string of cyber cataclysms starting with cleaning up the SolarWinds Russian espionage campaign, which was discovered …


Virtual Cybersecurity Summit

Vendor Partner Round-Up: REvil Reviled, Kaseya Attack Broken Down

It’s been quite a week when it comes to ransomware. The Kaseya attack has permeated the cybersecurity headlines across the pages of the Data Connectors Community Partners. The REvil ransomware group has gained a reputation for big cash sums and sweeping attacks – but where do they come from, and what are they looking to …


Kaseya VSA Supply Chain Ransomware Attack

Written by: Joseph Salazar, Technical Marketing Engineer – In a significant reminder of the SolarWinds attack, attackers have once again targeted a trusted software vendor, this time Kaseya, to compromise hundreds of businesses and deploy ransomware. There are reports that the REvil ransomware group was behind this attack and that they have demanded $70 million to unlock the compromised systems. The attack is known to have affected over 1500 businesses using the on-premises version of Kaseya's software. Many of these businesses use Managed Service Providers that the ransomware affected.
