
Articles by Andy Green

Insider Threats: Living With WMI Permanent Events

At the end of the previous post in this series, I suggested WMI permanent events, though somewhat complicated, are a more effective way for insiders to conduct surveillance on their...

Active Directory Has a Privacy Problem

Back when I was pen testing with the wonderful PowerView, I was using it to pull user information from Active Directory. At the time I was more interested in gathering...

What is DNS Tunneling? A Detection Guide

DNS Tunneling turns DNS or Domain Name System into a hacking weapon. As we know, DNS is a giant White Pages or phone directory for the Internet. DNS also has...


What the H**L Does Reasonable Data Security Really Mean?

For anyone who’s spent time looking at data security laws and regulations, you can’t help but come across the words “reasonable security”, or its close cousin “appropriate security”. You can...

California Consumer Privacy Act (CCPA) Compliance Guide

The California Consumer Privacy Act (CCPA) is “the first consumer privacy act in the country,” as one California legislator put it. No other US state has provided its citizens with GDPR-like...

Insider Threats: Hard Lessons From WMI Eventing and Surveillance

Last time, we explored how a hypothetical insider could use Windows Management Instrumentation (WMI) and its eventing system to surveil other employees. No, I’m not the first person to...

A Practical Software Approach to Insider Threats

Insider data theft presents multiple challenges for traditional IT security. Unlike hackers, insiders are employees who are entitled to be in the network. Standard perimeter security measures won’t work. But...

California Consumer Privacy Act (CCPA) and the Future of Data Security Standards

If you’ve been following the blog, you know that the California Consumer Privacy Act, or CCPA, is set to take effect on January 1, 2020. It will establish a new...


Insider Threats: Stealthy Hacking With WMI (Windows Management Instrumentation)

In looking at Windows features and tools from the perspective of a pen tester, it’s easy to lose sight that Microsoft’s operating system is really, wait for it, impressive. I...


Insider Threats: Stealthy Password Hacking With Smbexec

As we’ve been writing about forever, hackers are relying more on malware-free techniques to fly below the radar. They’re using standard Windows software to live off the land, thereby getting...
