Tag: Security incident
June 23, 2022 |
CIS Control 17. Incident Response Management
The Center for Internet Security (CIS) offers Critical Security Controls (CSCs) that help organizations improve cybersecurity. CIS CSC 17 covers incident response and management. (In earlier versions of the CIS controls, handling of security incidents was covered in Control 19.)
CIS CSC 17...
November 30, 2021 |
How to Detect Pass-the-Hash Attacks
Attackers frequently rely on lateral movement techniques to infiltrate corporate networks and obtain privileged access to credentials and data. In particular, one common technique is pass-the-hash: Hackers use stolen password hashes to authenticate as a user without ever having the user's...
November 30, 2021 |
Performing Pass-the-Hash Attacks with Mimikatz
Mimikatz has become the standard tool for extracting passwords and hashes from memory, performing pass-the-hash attacks, and creating domain persistence through Golden Tickets.
Let’s take a look at how easy Mimikatz makes it to perform pass-the-hash and other authentication-based...
November 13, 2014 |
How to Steal a Virtual Machine in Three Easy Steps
This last week, a thread in Spiceworks discussed a rogue sys admin that had come back to haunt this company. I read through the different threads and one in particular jumped out at me: “You people sound like a bunch of cops. Don’t you trust anyone? In order to trust someone, you must be...
October 30, 2014 |
Can SIEM Solutions Be Effectively Used for Change Auditing?
This should be no revelation to IT professionals: you have to regularly monitor changes occurring in your network – and mainly for two reasons. The first one is this: continuous monitoring will take pain off meeting compliance requirements and surviving auditor’s visits. The second reason to...
August 14, 2014 |
Avoid Data Breaches: Top Five Tips
It is hard to keep up with all of the various computer security incidents occurring daily. One can't help but wonder if more incidents are being reported and spreading through social media and internet news or if more incidents are taking place. It is likely both. The good news is, over the last...