Pen Testing Active Directory

You may have been following our series of posts on pen testing Active Directory environments and learned about the awesome powers of PowerView. No doubt you were wowed by our cliffhanger ending — spoiler alert — where we applied graph theory to find the derivative admin!

We know from the many emails we received that you demanded a better ‘long-form’ content experience. After all, who’d want to read about finding hackable vulnerabilities in Active Directory while being forced to click six times to access the entire series?

Thanks to the miracle of PDF technology, we’ve compressed the entire series into an easy-to-read, comfy ebook format. Best of all, you can scroll through the entire contents without having to touch messy hyperlinks.

Data Security

[Transcript] Interview With GDPR Attorney Sue Foster

Over two podcasts, attorney Sue Foster dispensed incredibly valuable GDPR wisdom. If you’ve already listened, you know these are the kind of insights that would have otherwise required a lengthy Google expedition, followed by chatting with your cousin Vinny the lawyer. We don’t recommend that! In reviewing the transcript below, I think there are three points that are worth commenting on. One, the GDPR’s breach reporting rule may appear to give organizations some wiggle room. But in…
Data Security

[Podcast] John P. Carlin, Part 2: Economic Espionage & Weaponized Info...

In part two of our series, John Carlin shared with us lessons on economic espionage and weaponized information. As former Assistant Attorney General for the U.S. Department of Justice’s National Security Division, he described how nation state actors exfiltrated data from American companies, costing them hundreds of billions of dollars in losses and more than two million jobs. He also reminded us how important it is for organizations to work with the government as he…
Data Security, IT Pros

Disabling PowerShell and Other Malware Nuisances, Part I

Back in more innocent times, circa 2015, we began to hear about hackers going malware-free and “living off the land.” They used whatever garden-variety IT tools were lying around on the target site. It’s the ideal way to do post-exploitation without tripping any alarms. This approach has taken off and gone mainstream, primarily because of off-the-shelf post-exploitation environments like PowerShell Empire. I’ve already written about how PowerShell, when supplemented with PowerView, becomes a potent purveyor…
Data Security

One Year Out: 75% of Organizations Will Struggle to Meet EU GDPR Regulation...

Today, we have released the findings from an independent survey probing attitudes towards the EU General Data Protection Regulation (EU GDPR), due to come into effect one year from today. The survey, which polled 500 IT decision makers in the UK, Germany, France and the U.S., reveals that 75% of organizations indicate they will struggle to be ready for the deadline. An additional 42% say that it’s not a priority for their businesses, despite the threat…
Data Security

Lessons from WannaCry: Varonis on CNBC’s Nightly Business Report

Last night, Varonis’ Brian Vecci, Technical Evangelist, sat down with Andrea Day of CNBC’s Nightly Business Report to discuss the recent WannaCry outbreak, where it goes from here and lessons to be learned. You can watch the full clip here. “We’re playing catch up because of how much data and how much complexity and how blind we’ve been to these kinds of attacks.” What’s the latest on the attack: We know how to prevent WannaCry…
Data Security

[Podcast] Our Post WannaCry World

After WannaCry, US lawmakers introduced the Protecting Our Ability to Counter Hacking Act of 2017, or PATCH Act. If the bill gets passed, it would create a Vulnerabilities Equities Process Review Board, which would decide whether a vulnerability known by the government would be disclosed to a non-government entity. It won’t be an easy law to iron out, as they’ll need to find the right balance between vulnerability disclosure and national security. Meanwhile Shadow Brokers, the…
Data Security

Is a ransomware attack a data breach?

Ransomware is a loss of control. Most IT people equate exfiltration of data from their network with the point at which control is lost and a data breach has occurred. They think of it as “where are the bits”: if your user database is being passed around the internet via BitTorrent and sold off for .0001 BTC an account, you clearly have lost control. What’s not so obvious is that ransomware (or any…
Data Security

EternalRocks leaves backdoor trojan for remote access to infected machines

What we know so far. The WannaCry ransomware worm outbreak from last Friday week used just one of the leaked NSA exploit tools, ETERNALBLUE, which exploits vulnerabilities in the SMBv1 file sharing protocol. On Wednesday, security researcher Miroslav Stampar, a member of the Croatian Government CERT and creator of the well-known sqlmap (SQL injection pentesting tool), detected a new self-replicating worm which also spreads via several SMB vulnerabilities. This worm, dubbed EternalRocks, uses seven leaked NSA hacking tools…
Data Security

Discover Sensitive Data with a Data Risk Assessment

In our recent 2017 Data Risk Report, we discovered that 47% of organizations had at least 1,000 sensitive files open to every employee. Our latest video shows what a data risk assessment is, why it matters, and how it works. Check out a sample data risk assessment for a sneak peek of what you might find. A Varonis Data Risk Assessment doesn’t take long – a 90-minute software install lets you map access to your data…
Compliance & Regulation

[Podcast] Mintz Levin’s Sue Foster on the GDPR, Part II

In this second part of our interview with attorney and GDPR pro Sue Foster, we get into a cyber topic that’s been on everyone’s mind lately: ransomware. A ransomware attack on EU personal data is unquestionably a breach — “accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access …” But would it be reportable under the GDPR, which goes into effect next year? In other words, would an EU company (or US one…
Data Security

Adylkuzz: How WannaCry Ransomware Attack Alerted The World To Even Worse Th...

Your garden variety ransomware, like Cerber, is the canary in the coal mine that rudely, but thankfully announces bigger security issues: insider threats and cyberattacks that take advantage of too much employee access to files. As disruptive as WannaCry has been to vulnerable organizations, this is their canary in the coal mine moment that should alert them to more deadly attacks that don’t announce their presence, like the cryptocurrency miner Adylkuzz. Researchers at Proofpoint have…
Data Security

[Podcast] Pick Up Music, Pick Up Technology

Last week, when the world experienced the largest ransomware outbreak in history, it also reminded me of our cybersecurity workforce shortage. When events like WannaCry happen, we can never have too many security heroes! There was an idea floating around that suggested individuals with a music background might have a promising future in security. The thinking is: if you can pick up music, you can also pick up technology. The Inside Out Security panelists –…