Lessons from the Medibank breach
Ming Fu, a member of the Americas Pre-Sales Engineering Team at QOMPLX, looks at the much-publicized Medibank breach in Australia last year and draws a few much-needed lessons from the published findings of this breach.
IcedID Malware Gaining Prominence by Adding Identity Attack Chains
Brian Freedman, WW Director of Solution Architecture, highlights how identity controls are necessary tools, along with EDR, to combat evolving malware threats that have been expanding to include identity compromise as a primary objective in their attack strategies.
Microsoft Exchange Mass Hack: The Long Road Ahead
Patching the recently disclosed flaws in Microsoft Exchange is both difficult and the easy part. The hard part comes after, as organizations look to assess the damage, and their future with Redmond’s aging and vulnerable identity infrastructure.
Excess Privileges Test Organizations' Cyber Resilience
The recent case of Hongjin Tan underscores the continuing risk of data and intellectual property theft by rogue employees. But organizations that hope to crack down on such incidents need to address the endemic problem of lax privilege management.
Worried about Human Operated Ransomware? Stop using NTLM, start validating Kerberos
Microsoft's excellent report on human-operated ransomware attacks didn't mention a common thread in many successful attacks: continued use of NTLM. Here is QOMPLX's advice on how to take away a ransomware attacker's biggest advantage.
US Case Against China Underscores Similarities Between Equifax and Earlier Hacks
The U.S. Department of Justice case against four Chinese nationals for a cyber attack on Equifax laid bare how public- and private-sector organizations are struggling to learn the lessons of previous data breaches and cyber attacks.