5 Best Practices for Safe and Secure Remote Work
Thanks to the connected world we all live in, working remotely is becoming increasingly popular and for good reason! Benefits to working from home include hiring for talent rather than geography (Swimlane has been doing this since day one!), having a more flexible work schedule, limiting commuter time, minimizing exposure ... Read More
5 Best Practices for Safe and Secure Remote Work
Thanks to the connected world we all live in, working remotely is becoming increasingly popular and for good reason! Benefits to working from home include hiring for talent rather than geography (Swimlane has been doing this since day one!), having a more flexible work schedule, limiting commuter time, minimizing exposure ... Read More
Domain squatting, typosquatting and homograph attacks
Introduction Domain Squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More
Domain squatting, typosquatting and homograph attacks
Introduction Domain Squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More
Domain squatting, typosquatting and homograph detection with Swimlane
Introduction Domain Squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More
Domain squatting, typosquatting and homograph detection with SOAR
Introduction Domain Squatting, typosquatting and IDN homograph attacks are a combination of techniques used by malicious actors to harvest credentials from an organization, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. Techniques These various attacks—which will be referred to collectively as “squatting” in this post—are ... Read More
Proactive credential dump hunting with SOAR
MITRE ATT&CK™ defines credential dumping as “the process of obtaining account login and password information, normally in the form of a hash or a clear text password, from the operating system and software.” The security information sharing network continues, “Credentials can be used to perform Lateral Movement and access restricted ... Read More
Proactive credential data dump hunting with SOAR
MITRE ATT&CK™ defines credential data dumping as “the process of obtaining account login and password information, normally in the form of a hash or a clear text password, from the operating system and software.” The security information sharing network continues, “Credentials can be used to perform Lateral Movement and access ... Read More
Windows patch released after critical RDP vulnerability
On May 14, 2019, Microsoft released Windows patches for a critical vulnerability (CVE-2019-0708) in Remote Desktop Services/Terminal Services affecting the following versions of Windows: Windows XP (all) Windows 2003 (all) Windows 7 SP 1 (32 and 64 bit) Windows Server 2008: 32 bit SP232 bit SP2 (Server Core Installation)Itanium-Based SP264 ... Read More
CVE-2019-0708: Wormable critical RDP vulnerability in older Windows versions
On May 14, 2019, Microsoft released patches for a critical vulnerability (CVE-2019-0708) in Remote Desktop Services/Terminal Services affecting the following versions of Windows: Windows XP (all) Windows 2003 (all) Windows 7 SP 1 (32 and 64 bit) Windows Server 2008: 32 bit SP232 bit SP2 (Server Core Installation)Itanium-Based SP264 bit ... Read More