Written by Michael Mimoso
Subsidiaries Bring Growth And Risk that Must be Managed
Businesses must be resilient to potential risks introduced by subsidiaries. M&A activity requires cyber due diligence be at the forefront for an acquiring company.
SIGRed Windows DNS Vulnerability Hands Domain Privileges to Attackers
CVE-2020-1350, a wormable Windows DNS server vulnerability, threatens Active Directory domain controllers and network resources.
Hardening Active Directory Blunts Ransomware Extortion Attacks
Recent attacks against firms like NTT highlight why businesses must address critical authentication infrastructure and reduce privileged access to stem potential disruption from ransomware.
Active Directory Attacks Ramp Up in Recent Incidents
Active Directory attacks against NTT and supply chain providers in Europe and Asia included the use of Mimikatz to target Active Directory credentials.
Recent Attacks Reveal Human-Directed Ransomware Playbook
Recent targeted ransomware attacks remind us that securing Active Directory is imperative to containing threat actors already on a network.
QOMPLX Analysis: SFO Airport Attack Spotlights Credential Theft Scourge
A recent spate of attacks on hospitals, government agencies and a major US airport show that nation-state and cyber criminal groups are more interested than ever in Active Directory
Excess Privileges Test Organizations' Cyber Resilience
The recent case of Hongjin Tan underscores the continuing risk of data- and intellectual property theft by rogue employees. But organizations that hope to crack down on such incidents need to address the endemic problem of lax privilege management.
US Case Against China Underscores Similarities Between Equifax and Earlier Hacks
The U.S. Department of Justice case against four Chinese nationals for a cyber attack on Equifax laid bare how public- and private sector organizations are struggling to learn the lessons of previous data breaches and cyber attacks.
Data-Centric Cybersecurity Starts with Authentication
Securing authentication is a critical first step to achieving data-centric cyber security, QOMPLX CEO Jason Crabtree tells Forbes.