logo
June 23, 2022 | Dirk Schrader

CIS Control 17. Incident Response Management

The Center for Internet Security (CIS) offers Critical Security Controls (CSCs) that help organizations improve cybersecurity. CIS CSC 17 covers incident response and management. (In earlier versions of the CIS controls, handling of security incidents was covered in Control 19.) CIS CSC 17...
November 30, 2021 | Jeff Warren

Performing Pass-the-Hash Attacks with Mimikatz

Mimikatz has become the standard tool for extracting passwords and hashes from memory, performing pass-the-hash attacks, and creating domain persistence through Golden Tickets.  Let’s take a look at how easy Mimikatz makes it to perform pass-the-hash and other authentication-based...
November 30, 2021 | Jeff Warren

How to Detect Pass-the-Hash Attacks

Attackers frequently rely on lateral movement techniques to infiltrate corporate networks and obtain privileged access to credentials and data. In particular, one common technique is pass-the-hash: Hackers use stolen password hashes to authenticate as a user without ever having the user's...
November 13, 2014 | Richard Muniz

How to Steal a Virtual Machine in Three Easy Steps

This last week, a thread in Spiceworks discussed a rogue sys admin that had come back to haunt this company. I read through the different threads and one in particular jumped out at me: “You people sound like a bunch of cops. Don’t you trust anyone? In order to trust someone, you must be...
October 30, 2014 | Jeff Melnick

Can SIEM Solutions Be Effectively Used for Change Auditing?

This should be no revelation to IT professionals: you have to regularly monitor changes occurring in your network – and mainly for two reasons. The first one is this: continuous monitoring will take pain off meeting compliance requirements and surviving auditor’s visits. The second reason to...
August 14, 2014 | Brian Svidergol

Avoid Data Breaches: Top Five Tips

It is hard to keep up with all of the various computer security incidents occurring daily. One can't help but wonder if more incidents are being reported and spreading through social media and internet news or if more incidents are taking place. It is likely both. The good news is, over the last...
...