Making Privileged Access Management Complete: Find the JIM to your PAM

Posted by Monnia Deng on Jan 10, 2019 1:50:15 PM

You read that right. In a shameless reference to the Office, I want to be the JIM to your PAM. Jim and Pam’s relationship was undeniable from the start: both of them had a mutual understanding and fit. While they constantly denied their relationship, it was evident that being together made them stronger and better.

Read More

Topics: Privileged Accounts, Privileged Users

Catching Bloodhound Before it Bites

Posted by Nir Yosha on Jan 3, 2019 9:29:32 AM

BloodHound is a public and freely available tool that uses graph theory to automate much of the confusion behind understanding relationships in an Active Directory (AD) environment. It allows hackers and pentesters to know precisely three things: which computers give admin rights to any user, which users effectively have admin rights to any computer, and effective group membership information (see Image 1). Because Bloodhound can be used maliciously, organizations need to better understand how it is being used, how to protect privileged users, and how to prevent attacks.   

Read More

Topics: Adaptive Threat Prevention, Attack Tools, Threat Detection

Happy Holidays! Here’s your Business Email Compromise (BEC) gift card scam

Posted by Monnia Deng on Dec 24, 2018 9:21:00 AM

Deck the hall with sad employees, Fa, la, la, la, la, la, la, la, la! 

'Tis the season to be swindled, Fa, la, la, la, la, la, la, la, la!

Read More

Topics: User Behavior, Threat Mitigation

Enterprises continue to suffer from poor password hygiene and a lack of visibility & control over privileged users

Posted by Yaron Zinar on Dec 19, 2018 6:08:06 AM

It has been more than a year since I last shared Preempt Inspector statistics. Last time we shared Preempt Inspector statistics we found some alarming numbers. With the end of 2018 approaching, I would like to share with you key findings from Preempt Inspector [a free security tool available to download here] to help you focus on the most important security issues you might be facing.

Read More

Topics: Stealthy Admin, Passwords, Privileged Users, Insider Threats

Is Your Organization at Risk Because a Local Administrator Has a Weak Password?

Posted by Marina Simakov on Dec 18, 2018 7:32:55 AM

In July, media reported that SingHealth, Singapore’s largest health organization, was breached with 1.5 million medical records stolen. The stolen records included those of Singapore’s prime minister Lee Hsien Loong. Consequently, a special inquiry had taken place, revealing that SingHealth had several security gaps and vulnerabilities which could have easily been exploited by attackers, including a local administrator account with a very weak password (P@ssw0rd). In fact, one of the ways which enabled the attackers to move laterally in the network was by using compromised Citrix local accounts.

Read More

Topics: Stealthy Admin, Passwords

It’s Time to Get Proactive on Energy Sector Security

Posted by Wade Williamson on Dec 10, 2018 12:58:25 PM

The 2010 discovery of the Stuxnet worm was one of the truly seminal moments in the world of cybersecurity. The world saw firsthand how malicious code could cause crippling damage to physical assets. Virtually every industry had to stop and take notice, and none more so than the energy sector.

Read More

Topics: Hacking, Risk

5 Key Takeaways from the Gartner IAM Summit

Posted by Monnia Deng on Dec 7, 2018 10:44:33 AM

This week, IAM and security professionals came together in Las Vegas for the Gartner Identity and Access Management (IAM) Summit to discuss the top trends and strategies across the IAM landscape in 2018 and beyond. From best practices for implementing mature solutions to discussions about the future of the innovative technologies, the summit gave refuge for all the weary-eyed professionals looking to tackle their biggest security challenges.

Read More

Topics: Identity

6 Tips for Living a Healthy Digital Life and Avoiding Credential Theft This Holiday Season

Posted by Eran Cohen on Nov 29, 2018 7:51:00 AM

Most of us still dream practical, down to earth, old fashioned dreams. And I’d place a bet that not many people, if any, dream about their credentials being stolen.  Almost all of my memories from the last 15 years or so are stored digitally. The majority of my day to day activity is managed online. My online persona is almost identical to my physical one. I imagine that  many of you are in the same situation.

Read More

Topics: Credential Compromise

Making PCI Requirement 8.3 Bulletproof and Simple

Posted by Wade Williamson on Nov 15, 2018 9:22:07 AM

Multi-factor authentication (MFA) has become an essential building block of security policy and practice, and likewise has taken on an increasingly important role in regulatory standards such as the PCI-DSS. Specifically, PCI Requirement 8.3 calls out how MFA should be used to secure both the cardholder data environment (CDE) as well as any networks connected to the CDE. And while protecting your most valuable assets with MFA makes good intuitive sense, the details can get a little tricky if you don’t have a flexible way of enforcing policy in your networks. Fortunately, Preempt’s security platform makes it easy to extend MFA to any asset based on almost context you choose. So let’s take a quick look at what PCI requires, and how you can turn a deceptively tricky requirement into a simple, automated process that you never have to think about.

Read More

Topics: Compliance, PCI

You Failed Your Pen Test: How Can You Reduce Your Attack Surface?

Posted by Heather Howland on Nov 9, 2018 4:04:03 PM

Penetration testing is a critical best practice for virtually any organization’s cybersecurity posture. By putting defenses to the test against trained offensively-minded professionals, organizations can gain deep insights into how they’ll fare against real attackers. Often, the challenge is that the results are not what you would have hoped. When pen testers are able to carve through your defenses at will, it can be discouraging and hard to know where to start.

Read More

Topics: Insider Threat, Hacking, Threat Mitigation