The first annual cloud-native threat report from Sysdig explores some of the year’s most important security topics in the cloud. As the use of containers and cloud services keeps growing, threat actors are increasingly turning their attention to this new attack surface. The cloud offers unique opportunities for threat actors due to the inherent scalability and complexity of cloud resources.
Cybersecurity is a team sport, and SecurityScorecard is proud to partner with the Joint Cyber Defense Collaborative (JCDC) to share cyber threat information in defense of public and private critical infrastructure.
Moving to a new home is listed as one of the main stressors in life. When organizations switch offices to accommodate business needs, moving can also be a major stressor for IT teams — but it doesn’t need to be. Not too long ago we moved our Boston office to a new location, one of our major engineering hubs, where many of our engineers and IT members work.
Single sign-on (SSO) and 1Password make a great team. Separately, 1Password and SSO each reduce your attack surface by securely logging you in to sites and services you use to get things done. Together, they’re a powerful risk reduction duo.
In my previous blog, I covered the many different types of cyber threat intelligence and why gathering CTI is beneficial to security teams. In this post, I will dig into the cyber threat intelligence lifecycle framework and a model to help correlate and contextualize your findings.
The IT systems and data of the Department of Defense (DoD) and its network of contractors are a matter of national security. Accordingly, the DoD maintains cybersecurity requirements that organizations must meet in order to be an approved vendor for the DoD. This article provides an overview of the most pertinent documents that inform the DoD’s cybersecurity expectations for defense industrial base (DIB) organizations, a review of useful frameworks, and tips for implementing DoD requirements.
In our first post of the series, we looked at ways to detect pass-the-hash attacks, which exploit NTLM authentication within an Active Directory domain. Pass-the-ticket is a related attack that leverages Kerberos authentication to perform lateral movement. In this post, we will dive into how the pass-the-ticket attack works and what you can do to detect it.
Using the ChangeNTLM and SetNTLM commands in Mimikatz, attackers can manipulate user passwords and escalate their privileges in Active Directory. Let’s take a look at these commands and what they do.