Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate.

As anyone who has filled out an expense report can tell you, cost management is everyone's responsibility. Organizations must apply a careful balance of budget planning and expenditures that are in sync with the company's changing cash flows.

Over the past month, we’ve rolled out several new capabilities.

The security analyst firm Frost & Sullivan positioned Trustwave as a leader and top innovator in its research on the MDR market landscape, noting its innovative, industry-leading cloud-native Fusion platform provides visibility into cloud, network, endpoint, OT, and email environments, while its Managed Detection and Response solution will spur faster than average industry revenue growth.

Assigning users to the right devices, applications, networks, VPNs, and files is a critical part of every company’s IT workflow. Get it wrong, and you’ve instantly tarnished a new hire’s experience — or worse, opened the door to security and compliance violations. With so much riding on this one component of IT or MSP work, organizations of any size need to be judicious about the identity and access management (IAM) tools they select.

In this installment of Hunting with Splunk we’re showing you how to detect suspicious and potentially malicious network traffic to “new” domains. First, let’s delve into what we mean by “new” domains and why you should make a habit of detecting this activity in the first place. (Part of our Threat Hunting with Splunk series, this article was originally written by Andrew Dauria. We've updated it recently to maximize your value.)

Cybercriminals are always on the lookout for vulnerabilities to exploit and steal sensitive information. One such threat is credential stuffing, a type of cyberattack that can cause significant damage to both individuals and businesses. Credential stuffing is a cyberattack that involves the use of stolen account credentials to gain unauthorized access to user accounts on other systems.

The importance of security awareness It’s well worth taking the time to craft a meaningful and engaging security awareness program. By presenting the right mix of information to your users in a compelling way, you can empower them to help you improve your organization’s security posture as well as create a more robust security culture overall. The cybersecurity topics that you include in your program should be relevant to your business and industry, of course.

Anti-bot solutions have been around for a long time. Firewalls and WAFs are used by all kinds of businesses to protect their online assets from malicious bots. But as bots become more sophisticated and bot traffic volumes increase, many of these measures have become outdated and ineffective. If your anti-bot system isn’t performing, it could open your site to serious data breaches and other threats like Credential stuffing attacks and online fraud.