Written by: Carolyn Crandall, Chief Deception Officer and CMO - Cybercriminals are growing more advanced, and one of the most successful tactics employed by cybercriminals remains credential theft. Unfortunately, too many organizations are leaving credentials exposed and easy for attackers to find—and once they fall...
Author: Biju Varghese, Technical Product Manager - Adversaries are adopting creative methods in these COVID-19 epidemic conditions to gain access to company assets. Ransomware is one such creative digital form of extortion that affects companies of all sizes. One prevalent method adversaries use to compromise and...
Author: Venu Vissamsetty, Founding Engineer, Attivo Networks - A pair of zero-day vulnerabilities in Google Chrome (CVE-2020-15999) and Microsoft Windows (CVE-2020-17087) are being chained together and exploited to perform privilege escalation and gain administrator access to a system....
Author: Venu Vissamsetty, Founding Engineer at Attivo Networks - Organizations are facing ransomware threats daily. The older ransomware strains only encrypted the local infected system, which limited the damage caused to an organization. The newer ransomware variants use self-propagating techniques to move laterally and spread...
Written by: Biju Varghese, Technical Product Manager at Attivo Networks - Since 2014 Kerberos Silver Ticket attack has been a well know Active Directory Attack method widely used by the Red Team, pen testers, and some of the state-sponsored attacks. I do not want to get...
Written by: Venu Vissamsetty, VP Security Research, Founding Engineer - Secura researchers have disclosed a vulnerability, CVE-2020-1472 Zerologon, that affects all Microsoft Windows Server versions, allowing attackers unauthenticated access to domain controllers, and has given it a CVSS score of 10.0....
Written by: Joe Carson, Sr. Director, Professional Services at Attivo Networks, Inc. - From time to time, I am asked to help a customer validate the efficacy of their deception implementation. This can be part of a pilot deployment, or after full operationalization. In many cases, organizations...
Written by: Carolyn Crandall, Chief Deception Officer and CMO - I recently read the Gartner guidance document on being resilient to prepare for cyber risk following the COVID 19 breakout. I thought it would be interesting to look at their guidance and to see how...
Written by: Joseph Salazar, Technical Marketing Engineer - A few months ago, Attivo Networks released its ADSecure offering, which protects Active Directory against unauthorized queries. Before release, the solution went through extensive beta testing with several organizations that used Red Team security evaluations against it...
Written by: Kevin Finch, Global Security Strategist, WWT and Tony Cole, Chief Technology Officer, Attivo Networks...