Pen Testing Active Directory

You may have been following our series of posts on pen testing Active Directory environments and learned about the awesome powers of PowerView. No doubt you were wowed by our cliffhanger ending — spoiler alert — where we applied graph theory to find the derivative admin!

We know from the many emails we received that you demanded a better ‘long-form’ content experience. After all, who’d want to read about finding hackable vulnerabilities in Active Directory while being forced to click six times to access the entire series?

Thanks to the miracle of PDF technology, we’ve compressed the entire series into an easy-to-read, comfy ebook format. Best of all, you can scroll through the entire contents without having to touch messy hyperlinks.

Data Security

[Podcast] Are Cyber War Rooms Necessary?

While some management teams are afraid of a pentest or risk assessment, other organizations – particularly financial institutions – are well aware of their security risks. They are addressing these risks by simulating cyberattacks. By putting the IT staff, managers, board members and executives who would be responsible for responding to a real breach or attack through these exercises, they learn how to respond to press, regulators and law enforcement, as well as other scenarios they might not otherwise…
Data Security, IT Pros

Working With Windows Local Administrator Accounts, Part III

One point to keep in mind in this series is that we’re trying to limit the powers that are inherent in Administrator accounts. In short: use the Force sparingly. In the last post, we showed it’s possible to remove the local Administrator account and manage it centrally with GPOs. Let’s go over a few things I glossed over last time, and discuss additional ways to secure these accounts. Restricted Groups: Handle with Care. In my…
Data Security, IT Pros

[Podcast] Roxy Dee, Threat Intelligence Engineer

Some of you might be familiar with Roxy Dee’s infosec book giveaways. Others might have met her recently at Defcon as she shared practical career advice with infosec n00bs. But aside from all the free books and advice, she also has an inspiring personal and professional story to share. In our interview, I learned that she had a budding interest in security but lacked the funds to pursue her passion. How did she work around her financial constraint?…
Compliance & Regulation, Data Security, Varonis News

Introducing Our New DataPrivilege API and a Preview of Our Upcoming GDPR Pa...

GDPR Patterns Preview. We’re less than a year out from the EU General Data Protection Regulation (GDPR) becoming law, and we’re hearing that our customers are facing more pressure than ever to get their data security policies ready for the regulation. To help enterprises quickly meet GDPR, we’re introducing GDPR Patterns with over 150 patterns of specific personal data that falls in the realm of GDPR, starting with patterns for 19 countries currently in the EU (including…
Data Security

Working With Windows Local Administrator Accounts, Part II

Before we delve into Restricted Groups, I thought it might be worthwhile to take a closer look at how hackers take advantage of Administrator passwords. For Pass-the-Hash fans, this post will show you how hashes can be used even with local accounts. I also had a chance to try Windows Local Administrator Password Solution, or LAPS. Spoiler alert: LAPS scares me a little. Passing Local Hashes. After writing the first post, I realized that you don’t…
Compliance & Regulation

A Few Thoughts on Data Security Standards

Did you know that the 462-page NIST 800-53 data security standard has 206 controls with over 400 sub-controls? By the way, you can gaze upon the convenient XML-formatted version here. PCI DSS is no slouch either, with hundreds of sub-controls in its requirements document. And then there’s the sprawling ISO 27001 data standard. Let’s not forget about security frameworks, such as COBIT and NIST CSF, which are kind of meta-standards that map into other security…
Data Security

Working With Windows Local Administrator Accounts, Part I

In writing about hackers and their techniques, the issue of Windows local Administrator accounts often comes up. Prior to Windows 7, the Administrator account was created by default with no password. This was not a good security practice, and hackers have been taking advantage ever since. Starting in Windows 7, the local Administrator accounts were disabled by default. And you should disable them in your domain regardless of which Windows OS you have! But for…
Data Security

How to Better Structure AWS S3 Security

If the new IT intern suggests that you install a publicly accessible web server on your core file server – you might suggest that they be fired. If they give up on that, but instead decide to dump the reports issuing from your highly sensitive data warehouse jobs to your webserver – they’d definitely be fired. But things aren’t always so clear in the brave new world of the cloud – where services like Amazon’s…
Data Security

[Podcast] Blackhat Briefings That Will Add to Your Tool Belt

We’re counting down to Blackhat USA, where we’ll attend one of the world’s leading information security conferences to learn about the latest research, development and trends. We’ll also be at booth #965 handing out fabulous fidget spinners and showcasing all of our solutions that will help you protect your data from insider threats and cyberattacks. In this podcast episode, we discussed not only sessions you should attend, but also questions to ask that will help you reduce…
Data Security

Global Manufacturer Relies on DatAdvantage as it Moves to the Cloud

Dayton Superior is a leading manufacturer for the non-residential concrete construction industry. With thousands of products used in more than one million buildings, bridges and other structures worldwide, Dayton Superior has an ongoing need to monitor and protect information on its network. The Ohio-based company first began using DatAdvantage several years ago after a major acquisition in which the company’s employees were merged into a single IT environment. DatAdvantage gave Dayton Superior deep visibility into the…
Data Security

[Podcast] Cyber Threats Are Evolving and So Must Two-Factor

Finally, after years of advocacy, many popular web services have adopted two-factor authentication (2FA) as a default security measure. Unfortunately, as you might suspect, attackers have figured out workarounds. For instance, attackers can intercept your PIN in a password-reset man-in-the-middle attack. So what should we do now? As the industry moves beyond 2FA, the good news is that three-factor authentication is not on the shortlist as a replacement. Google’s identity systems manager, Mark Risher…
Data Security

[Podcast] Budgets and Ethics

Right now, many companies are planning 2018’s budget. As always, it is a challenge to secure enough funds to help with IT’s growing responsibilities. Whether you’re a nonprofit, small startup or a large enterprise, you’ll be asked to stretch every dollar. In this week’s podcast, we discussed the challenges a young sysadmin volunteer might face when tasked with setting up the IT infrastructure for a nonprofit. And for a budget interlude, I asked the panelists…