ILTA’s LegalSEC Summit is two days all about security for legal. Our Mission: to deliver premier information security education focused on the information security challenges faced by the legal industry. We have two education tracks this year: Technical and Strategic + Half-Day Workshops on both days. #LegalSEC21 LegalSEC is designed for technology professionals at every …
GUEST RESEARCH: Attivo Networks, the experts in preventing identity privilege escalation and detecting lateral movement attacks, today announced the availability of a new research report conducted by Enterprise Management Associates (EMA) and commissioned in part by Attivo Networks. The report focuses on Active Directory (AD), the directory-based identity services platform used by 90% of enterprises …
Dive Brief: Half of large companies have been the subject of a cyberattack on Active Directory (AD) services in the last one to two years, a report from Enterprise Management Associates on behalf of Attivo Networks and Tenable found. In 42% of those attempts, the attacks were successful, according to the survey of 250 IT professionals and executives …
Threat actors more frequently — and successfully — target Active Directory Read More »
Today’s Lateral Movement Tactics: Be Warned Protecting against today’s most dangerous lateral movement tactics is increasingly critical, with AD as vulnerable as it is. Attackers use a wide range of strategies to move about undetected. The list below covers a selection of the most common and potentially damaging tactics. For defenders, knowing what to look …
Cybersecurity Warning: Lateral Movement Tactics Security Experts Should Recognize Read More »
One of the most curious elements of this year’s Verizon Data Breach Investigations Report (DBIR) was the inclusion of the new attack pattern “system intrusions.” Representatives from Verizon identified the category as a broad one that tends to include attacks with many steps, indicating significant lateral movement within the network. Research shows that many recent …
13 Lateral Movement Tactics Security Experts Should Recognize Read More »
Written by: Joseph R. Salazar, CISSP, CEH, EnCE – Ransomware attacks have evolved and grown in number. Traditional ransomware sought to spread and encrypt as many endpoints as possible, but Ransomware 2.0 attacks employ advanced methods or have a human controller directing their activities. These attacks spend much more time conducting discovery to identify business-critical assets for encryption. Because these assets are essential for business continuity and daily operations, the organization is more likely to pay to recover them instead of spending the money on endpoint systems they could re-image and recover. Attackers encrypting the entire Active Directory server infrastructure can demand much higher ransoms, and the organization must pay or else lose money, time, and resource attempting to restore operations. Additionally, these attackers often exfiltrate data and threaten to release it to induce ransom payment, often demanding a second ransom to prevent the release of the information.
Amid a rise in ransomware attacks, Attivo Networks’ Carolyn Crandall shares with the IT channel why “now is the time that businesses need to look at [Microsoft Active Directory] and understand what kind of visibility tools they can use.” Aug. 3, 2021 Watch on CRNtv.
At his six-month mark in office, President Biden is making the right moves to ensure the United States is safer in cyberspace, according to an overwhelming majority of cybersecurity experts we polled. Biden’s term has been marked by a string of cyber cataclysms starting with cleaning up the SolarWinds Russian espionage campaign, which was discovered …
The Cybersecurity 202: Cyber experts give Biden top marks at six months Read More »
It’s been quite a week when it comes to ransomware. The Kaseya attack has permeated the cybersecurity headlines across the pages of the Data Connectors Community Partners. The REvil ransomware group has gained a reputation for big cash sums and sweeping attacks – but where do they come from, and what are they looking to …
Vendor Partner Round-Up: REvil Reviled, Kaseya Attack Broken Down Read More »
Written by: Joseph Salazar, Technical Marketing Engineer – A significant reminder of the SolarWinds attack, attackers have once again targeted a trusted software vendor, this time Kaseya, to compromise hundreds of businesses and deploy ransomware. There are reports that the REvil ransomware group was behind this attack and that they have demanded $70 million to unlock the compromised systems. It is known to have affected over 1500 businesses using their on-premises software version. Many of these businesses use Managed Service Providers that the ransomware affected.
