Attivo Networks Blogs

Blogs

Kaseya VSA Supply Chain Ransomware Attack

Reading Time: 2 minutes  |  Published: July 6, 2021 in Endpoint Protection, Ransomware
0 Comments

Written by: Joseph Salazar, Technical Marketing Engineer - A significant reminder of the SolarWinds attack, attackers have once again targeted a trusted software vendor, this time Kaseya, to compromise hundreds of businesses and deploy ransomware. There are reports that the REvil ransomware group was behind...

Credentials Harvesting from Domain Shares

Reading Time: 3 minutes  |  Published: July 2, 2021 in Active Directory, Blogs
0 Comments

Written by: Vikram Navali, Senior Technical Product Manager - Credentials Harvesting is an attack technique adversaries employ after establishing a foothold inside an organization. The technique is to harvest or amass numerous credentials (username/password combinations) for reuse. It helps adversaries move internally to higher-value assets...

Attivo Networks and the Conti Ransomware

Reading Time: 4 minutes  |  Published: June 11, 2021 in Blogs, Ransomware
0 Comments

Written by: Joseph Salazar, Technical Marketing Engineer - In mid-May 2021, the FBI released a security report identifying at least 16 Conti ransomware attacks over the past year on healthcare and first-responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities.  These...

2021 Verizon Data Breach Investigations Report Highlights Importance of In-Network Defenses

Reading Time: 5 minutes  |  Published: June 2, 2021 in Blogs, Research
0 Comments

Authored by: Carolyn Crandall, Chief Security Advocate, Attivo Networks - The Verizon Data Breach Investigations Report (DBIR) is always hotly anticipated by those in the cybersecurity industry, and the 2021 edition is no exception. While last year’s report analyzed data collected before the COVID-19 pandemic had...

Skeleton Key Vulnerability Assessment

Reading Time: 2 minutes  |  Published: May 27, 2021 in Blogs, Vulnerability Assessment
0 Comments

Written by: Vikram Navali, Senior Technical Product Manager - Once an attacker has gained domain admin rights to your Active Directory, there are several techniques they can use and maintain persistence within the Windows environment. One such technique is Modify Authentication Process, where adversaries may...