Latest articles
New Mirai Attacks, But It’s Still About Passwords
Dec 08, 2016
Last week, Mirai-like wormware made the news again with attacks on ISPs in the UK. Specifically, customers of TalkTalk and PostOffice reported Internet outages. As with the last Mirai incident...
PowerView Pen Testing
Nov 30, 2016
Pen Testing Active Directory Environments, PowerView, and how to go on the offensive with AD, take a look at our guide!
Understanding SQL Injection, Identification and Prevention
Nov 21, 2016
When you think of a website getting hacked, you might picture someone in a hoodie in a high tech bunker (or their mom’s basement), wailing on a keyboard, controlling thousands...
Pen Testing Active Directory Environments, Part I: Introduction to crackmapexec (and PowerView)
Nov 10, 2016
I was talking to a pen testing company recently at a data security conference to learn more about “day in the life” aspects of their trade. Their president told me...
Overheard: "IT security has nothing to learn from the Mirai attack”
Nov 01, 2016
After my post last week on the great Mirai Internet takedown of 2016, I received some email in response. One of the themes in the feedback was, roughly, that ‘Mirai...
The Mirai Botnet Attack and Revenge of the Internet of Things
Oct 27, 2016
Once upon a time in early 2016, we were talking with pen tester Ken Munro about the security of IoT gadgetry — everything from wireless doorbells to coffee makers and...
NTFS Permissions vs Share: Everything You Need to Know
Oct 25, 2016
NTFS permissions are used to manage access to the files and folders that are stored in NTFS file systems. When you are using share and NTFS (NT File System) permissions together, the most restrictive permission wins.
What is Privileged Access Management (PAM)?
Oct 20, 2016
Privileged access management is the process to monitor and secure your most sensitive user accounts. Keep reading to find out how to use PAM to keep your data safe.
The Federal Trade Commission Likes the NIST Cybersecurity Framework (and You Should Too)
Oct 11, 2016
Remember the Cybersecurity Framework that was put together by the folks over at the National Institute of Standards and Technology (NIST)? Sure you do! It came about because the US...
When a Cyber Attack Is a Political Weapon
Oct 06, 2016
We’re not surprised when hackers attack companies to scoop up credit card numbers or to cause IT disruption. If they’re state sponsored, they may target organizations to pull out intellectual...
How to setup your DNS Server like North Korea
Sep 29, 2016
I can only imagine it’s a high stress job doing IT support for Kim Jong Un as he’s the kind of manager who probably watches you over your shoulder, touches...
The Difference Between SSL and TLS
Sep 16, 2016
SSL and TLS are used interchangably in conversations as they are incredibly closely related. Knowing the subtle difference is key.
Try Varonis free.
Deploys in minutes.