


Adam Laub
CMOfeature_status*/ ?>
STEALTHbits Technologies
Comments Dotted :
16
November 02, 2020
Because non-Windows or homegrown applications and resources may not be able to leverage secure connections via Netlogon at this time.
The continued exploitation of a vulnerability allowing attackers easy and unfettered access to the whole of an organization’s digital resources should come as no surprise. Threat actors will attempt to discover and exploit this vulnerability for as long as it continues to work.
However, while sustained vulnerability doesn’t necessarily mean negligence on behalf of organizations that have fallen victim, the most likely excuse as to why they have fallen victim is because they have failed to.....Read More

October 14, 2020
Today it’s Intcomex. Tomorrow it’s anyone’s guess.
Today it’s Intcomex. Tomorrow it’s anyone’s guess. The bottom line is no company or industry is immune to cyberattack. While it seems more of an inevitability than anything else at this point, the probability of successful breach and compromise at tremendous scale like this is really what organizations are somewhat in control of. Focus on the basics and the common denominators in all these breach scenarios is where organizations need to hone their efforts. An overabundance of accounts.....Read More

September 29, 2020
Reputational damage and customer loss have long been used as talking points for those looking to convince powers.
It’s interesting to see consumers taking a more definitive stand on their expectations of corporate data security. It’s also encouraging to see them being more discerning in terms of their online activities. Reputational damage and customer loss have long been used as talking points for those looking to convince the powers that be that investment and attention is not only warranted but required to mitigate the risks of data breach and compliance failure. These statistics indicate the.....Read More

September 29, 2020
Cyberattacks that so directly impact human life are particularly sinister and shameful.
Cyberattacks that so directly impact human life are particularly sinister and shameful. Especially in the thick of a global pandemic, targeting healthcare institutions undoubtedly puts these sorts of cybercriminals on a different level than even those who have impacted hundreds of millions of consumers in a single act, like we’ve seen at organizations like Equifax, MySpace, and eBay in recent years. Frustratingly, these cybercriminals – whether small hacker groups or well-resourced.....Read More

August 11, 2020
Sadly, this breach event looks indistinguishable from virtually any other.
One of the more interesting fields of information buried in the schema details of the Proctoru.com database is “eu_citizen”. While one can’t say for certain based on the information provided, this field almost undoubtedly exists because of the groundbreaking EU GDPR data privacy regulation, which aims to hold all organizations collecting and storing the information of EU residents accountable for violations of that data’s privacy and security. Sadly, this breach event looks.....Read More

March 17, 2020
Just DDoS style attacks aimed at bringing down critical infrastructure.
We’d like to think that in a world where everyone is effectively in the same boat, a sense of togetherness, an unwritten code of conduct, or even a sense of morality would prevent bad actors from doing bad things – even if just temporarily. This obviously is not the case and if anything should serve as a reminder to organizations that one threat hasn’t been traded for another. To the contrary, individuals and groups that prey on the weak will likely look to take advantage of this dire.....Read More

February 20, 2020
This is a great example of how these breaches and their fallout can continue to haunt businesses for quite some time.
This is a great example of how these breaches and their fallout can continue to haunt businesses for quite some time. It’s likely MGM thought this incident was far in the rear view, but the value of their particular dataset continues to have appeal, despite its age and the potential staleness in certain spots.
Something every organization can do to mitigate the risk of unauthorized access to sensitive data is to proactively seek its whereabouts. Knowing where it is should and often does.....Read More

January 16, 2020
proactive security measures like vulnerability assessment and desired state configuration are so important as part of a layered security program
A missing password is a misconfiguration. It’s a mistake. Mistakes can be incredibly costly though and the truth is they’re quite easy to make when it comes to staying on top of the literally thousands of settings that can be so easily exploited and manipulated by threat actors.
This is exactly why proactive security measures like vulnerability assessment and desired state configuration are so important as part of a layered security program though.
Achieving the discipline to ensure even .....Read More

December 17, 2019
The focus on cities and local government entities feels predatorial though.
Modern ransomware variants are incredibly sophisticated and highly difficult to defend against. Gone are the spray and pray days of ransomware. Now it’s about complete compromise, where the ransom aspect is more so a demonstration of just how deep the compromise is.
The focus on cities and local government entities feels predatorial though. These types of organizations often provide important services to large numbers of people, yet commonly lack the capabilities needed to defend themselves .....Read More

November 23, 2019
APT33’s or any other group’s focus on manufacturers and ICS-related industries.
Sadly, one can only hope - at least for the time being - that APT33’s or any other group’s focus on manufacturers and ICS-related industries is limited to reconnaissance and espionage. The damage of identity or IP theft would pale in comparison to the catastrophic failure of a power plant in the dead of winter or any number of unthinkable scenarios.
In a world where there general public has grown largely desensitized to the daily occurrence of data breach, it’s likely that attacks on.....Read More
