Authentication Lessons From the Magic Kingdom: A Closer Look at Kerberos, Part II

Let’s continue our journey into the Magic Kingdom as a way to explore Kerberos. Sure, the comparison doesn’t completely track, but it’s close and easy enough to grasp that I think you won’t mind missing—trust me on this—the standard Kerberos protocol diagrams. Back to Disney World: you’re now in the park with your passport booklet…

Top Five Most Dangerous Software Errors

Over the years, Mitre, the MIT research group, has been analyzing software bugs and missteps that hackers have been able to exploit. Their Common Vulnerabilities and Exposures (CVE) classifications are something of a de-facto standard used for describing the root software causes in an attack. Working with SANS, the Mitre CVE team has come up…

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers is not futile. An advanced civilization, MIT researchers in the 1980s to be exact, developed open-source Kerberos authentication software, which has stood the test of…

Deadly credential vulnerabilities found in mobile apps

I’m beginning to be known around here as the bearer of bad news on authentication hacks. Unfortunately, I have more to share. In June, researchers at Columbia University announced they discovered secret login keys hidden in thousands of Google Play apps. Left by developers to access their own cloud-based accounts—on Facebook, AWS, Twitter, and other…

8 Things You Didn’t Know About Security Regulations (#4 is Crazy!)

1. The HHS has a “Wall of Shame”.

In the US, the Health Insurance Portability and Accountability Act (HIPAA) requires hospitals, insurers, and other “covered entities” to take a few steps after a breach of protected health information (PHI). Many are familiar with the rule that you have to directly notify the patient when there’s been exposure of unprotected PHI.

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…

Usage-Based Storage Chargebacks with DatAdvantage

Usage-based chargeback is just a better way to do cost sharing: it’s more fair, transparent, and consistent than other approaches. If you want proof, read our IT Chargeback guide. What about actually doing chargebacks with data storage? Of course, the first step is getting a breakdown of data usage by cost centers or other group…

A Closer Look at Pass the Hash, Part II: Prevention

Last week, I attended a webinar that was intended to give IT attendees a snapshot of recent threats—a kind of hacker heads-up. For their representative case, the two sec gurus described a clever and very targeted phishing attack. It led to an APT being secretly deposited in a DLL. Once the hackers were in, I…

Latest Varonis Survey Reveals the Speed Bumps to Ubiquitous Enterprise Search

We can’t imagine modern consumer life without search engines to help us find Web content that answers our most pressing questions. But in the business world, the situation is almost reversed—we’ve settled for pre-Internet era file search technology to locate the documents and information that help us do our jobs. In a Varonis survey of…