Cybersecurity
July 26, 2023
There is an old saying: “One person’s tool is another person’s weapon.” That is certainly true of Windows PowerShell. Included with every Windows operating system today, this powerful...
Cybersecurity
July 6, 2023
Deception technology is a cybersecurity strategy that utilizes decoys to gather information about current threats and attack methodologies used by cybercriminals. The premise of this approach is to...
Once an adversary has compromised privileged credentials, for example, by exploiting an attack path, they want to make sure they don’t lose their foothold in the domain. That is, even if the...
Cybersecurity
May 13, 2023
Attackers use a variety of tactics to spread laterally across on-premises Windows machines, including Pass-the-Ticket, Pass-the-Hash, Overpass-the-Hash and Golden...
Cybersecurity
April 14, 2023
Adversaries use multiple techniques to identify and exploit weaknesses in Active Directory (AD) to gain access to critical systems and data. This blog post explores 3 ways they use PowerShell...
Cybersecurity
February 24, 2023
Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command....
Cybersecurity
February 24, 2023
Whether you realize it or not, service accounts represent a major risk to your data security. This article explains the fundamentals of service accounts and how attackers can exploit them so you can...
Cybersecurity
January 20, 2023
AD Attack – Local Admin Mapping
Once an attacker establishes a foothold in your Active Directory (AD) domain, they begin looking for ways to achieve their final objective, such as to sensitive...
Cybersecurity
November 29, 2022
Multi-factor authentication (MFA) is a great way to increase both on-premises and cloud security. With MFA in place, when a user logs on, they are required to provide not only their user ID and...
Cybersecurity
November 29, 2022
Skeleton Key is a particularly scary piece of malware that makes it alarmingly easy for attackers to hijack any identity in a Microsoft Windows domain, including accounts that provide privileged...