By Priyanka RoyThe COVID-19 pandemic has not only had a profound impact on everyone across the globe; it has also fundamentally changed the way organizations function. We are nearing one and a half years since remote work became the norm and organizations had to adapt to this new mode of working almost overnight. This rapid […]
10 essential cybersecurity tips for beginners
By Raghav IyerOrganizations today are challenged by an increased exposure to cyber threats. Attackers often target emerging technologies since the new technology is often ill-equipped to handle an attack. Moreover, the internet has become filled with malicious links, Trojans, and viruses.The pressure to keep up with the new and emerging technologies often coerces organizations to […]
Operation panopticon: How a weak IAM strategy led to the security camera hack across organizations
By AbhilashOn March 9, 2021, Verkada, a software company that specializes in making security cameras for monitoring physical access control, was subject to a security hack.Hackers gained access to the video feed of at least 15 thousand cameras deployed across various locations and exposed the inner workings of hospitals, clinics, and mental health institutions; banks; […]
Ransomware in 2021: What has changed? Detection and mitigation strategy
A ransomware attack is a bug that we can’t shake off. Or perhaps, it can even be called a shape-shifter that somehow finds a way into networks, no matter how many armed sentries you’ve deployed in and around your perimeter.The line between ransomware and a data breach is slowly fading. Threat actors prefer ransomware over […]
IT security under attack: Credential dumping attacks in Windows environments
Most of the time, threat actors in the cybersecurity landscape don’t employ advanced techniques and tools to intrude and establish a foothold within networks. Often, they disguise malicious operations by mimicking the activities of legitimate users, leaving behind little to no footprint.Blending malicious actions with day-to-day IT activities helps attackers maintain a low profile and […]
IT security under attack: Why are group memberships so crucial?
Security groups either make or break your IT security. Group memberships are responsible for administrative access in your your network and define access to other privileged resources and data on your domain. Ever wondered how a simple misconfiguration of a group membership could lead to a security incident? This blog elaborates the most common misconfiguration […]
IT security under attack blog series: Instant domain persistence by registering a rogue domain controller
In this blog in the IT security under attack series, we will learn about an advanced Active Directory (AD) domain controller (DC) attack to obtain persistence in AD environments.Dubbed DCShadow, this is a late-stage kill chain attack that allows a threat actor with admin (domain or enterprise admin) credentials to leverage the replication mechanism in […]
Five worthy reads: Preparing an incident response plan for the pandemic and beyond
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cyberattacks in the distributed workforce, this week we explore the concept of cybersecurity incident response during a pandemic.The new normal of a distributed workforce has given rise to advancements in the […]
Domain controller patch alert! Vulnerability grants domain admin access in 10 seconds
A critical Active Directory vulnerability (CVE-2020-1472) has been making headlines for being the most notorious elevation of privilege bug because it can affect all computers and domain controllers in an organization.This high-risk vulnerability, dubbed Zerologon, gives threat actors easy, instant access to domain controllers without requiring any additional privileges. This attack does not even require […]
Are you listening to your logs? Part 4: Open Ports
Did you know that an organization with more open ports is more vulnerable to data breaches?In the first, second, and third parts of the Are you listening to your logs? series, we saw how logs can be used to detect security and operational issues in a network. In the final blog, we’ll talk about open […]