Local Admin Passwords: The Hidden Security Risk

Posted by Avi Kama on Jul 16, 2019 11:33:00 AM

You’re a good administrator, and you don’t take shortcuts. You adhere to information security best practices whenever possible, and you take that responsibility seriously.

With that said, a hidden setting in a Windows 10 implementation scenario might result in a precarious setup – one in which every computer in your network can be accessed with the same password. In other words, a hacker would only need to steal a single credential in order to obtain the keys to your entire kingdom. Due to an upcoming change in the Windows platform, there’s a good chance that this could happen to you – here’s how to avoid it.

Read More

Topics: User Risk, Privileged Users, Passwords, Microsoft

Three Lessons You Can Learn from A Recent Security Breach

Posted by Heather Howland on Sep 12, 2018 4:23:43 PM

After an organization has been breached, one of the most critical steps to take is to determine the root cause and to take active steps to more proactively protect the business. Recently, Preempt was brought in to help a Fortune 500 company with a critical internal threat situation. A malicious actor was able to move laterally within the company’s environment, threatening its international brand, financials and customer relationships. Capitalizing on lessons learned during and after incident response provides immediate and long-term benefits to prevent future breaches. These takeaways can also provide valuable advice for other companies who are looking to improve their security posture and prevent business critical attacks. Here, we’ll share the story and outline the top three lessons.

Read More

Topics: Risk, User Risk

The Insider Threat Denial Syndrome

Posted by Eran Cohen on May 18, 2017 12:01:22 PM

I believe there is a “denial syndrome” that exists in cyber security. I’m not referring to the “It won’t happen to me” concept, I’m pointing to a deeper and more dangerous belief. In psychology, denial happens when we are uncomfortable with the facts of reality and instead of dealing with it we reject it, insisting it is not correct.

Read More

Topics: User Risk, Insider Threat