Credential Compromise
Fraud Shifts to Travel, Gaming Sites as Economies Reopen
Nathan Eddy | | account takeover attack, covid-19 fraud, Credential Compromise, Fraud, phishing attack
The prevalence of digital fraud attempts on businesses and consumers continues to rise as malicious actors are shifting their focus in 2021 from financial services to travel and leisure and other industries ...
Security Boulevard
Why Insider Threat Denial is Everyone’s Problem
People don’t like to admit when they’re wrong. And really, who can blame them? Being wrong is uncomfortable, anxiety-inducing, and embarrassing. These are all feelings that people try their best to avoid ...
Red Flag Alert: Service Accounts Performing Interactive Logins
Monnia Deng | | Active Directory, black hat, Credential Compromise, insider threat, lateral movement, passwords, Privileged Accounts, Stealthy Admin
In the world of account security, we often focus on end user accounts as the weak vector vulnerable to attackers. On the contrary, we at Preempt see something that happens just as ...
Empowering Employees to Reduce Security Incidents
Eran Cohen | | Adaptive Response, Conditional Access, Credential Compromise, Identity Verification, Incident Response, insider threat, Multi-Factor Authentication, threat detection, UEBA
In the hustle and bustle of our modern world, we can all get easily lost in the noise. One kind of noise is most frustrating for security teams: the noise of security ...
Disrupting an Attacker from Exploiting Domain Credentials
Security professionals often feel they don’t have enough time to keep up with modern threats. In fact, Crowdstrike researchers have found that top threat actors can go in and out of networks ...
Brute Force Attacks: Denying the Attacker, Not the User
Heather Howland | | Conditional Access, Credential Compromise, Incident Response, password brute force, Privileged Users, threat detection, UEBA
According to haveIbeenpwned.com, close to 8 billion accounts have been compromised. The site provides a tool to see if any of your passwords have been compromised and are available on the dark-net ...
What State-Sponsored Attacks Can Teach Us About Conditional Access
Nir Yosha | | Attack Tools, Conditional Access, Credential Compromise, Hacking, lateral movement, NTLM, Privileged Accounts, Ransomware
People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target public federal organizations in Western nations like the U.S. This is simply ...
How to Thwart an Attacker’s Attempt to Compromise Credentials and Move Around a Network
In the past year, we have seen numerous publicly traded corporations (Marriott and T-Mobile), airlines (Cathay Pacific and Delta), and tech companies (Facebook and Google+) all breached because of some type of ...
Conditional Access Establishes Trust In the Network
Heather Howland | | APT, Compliance, Credential Compromise, Multi-Factor Authentication, Privileged Accounts, risk, user and entity behavior analytics, User Behavior
Stolen or compromised credentials pose well-known risks to organizations and their employees. And as hackers and other malicious actors become more advanced and sophisticated in their techniques, the global threat is increasing ...
Three Ways to Limit the Cybersecurity Impact of the Government Shutdown
UPDATE (Jan. 25): Recent news reports state a deal has been reached to re-open the federal government through Feb 15. The issues outlined in this blog continue to apply to public and ...