Blog

Data Security

Kerberos Weaknesses: Pass the Ticket Is a Real Threat

Michael Buckbee

Michael Buckbee

August is always a good time to check up on the dark side.  Black Hat had its annual conference earlier this month, and there are always presentations worth looking at....

Top Five Most Dangerous Software Errors

Michael Buckbee

Michael Buckbee

Over the years, Mitre, the MIT research group, has been analyzing software bugs and missteps that hackers have been able to exploit. Their Common Vulnerabilities and Exposures (CVE) classifications are...

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

Michael Buckbee

Michael Buckbee

The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers...

Pass the Hash, Part III: How NTLM Will Get You Hacked

Michael Buckbee

Michael Buckbee

The most important takeaway about PtH is that the password hashes that are stored in memory (and grabbed by hackers) are a feature of Single Sign On.

3 Deadly File Permissions Mistakes

Rob Sobers

Rob Sobers

Scarily, in most organizations people have access to much more information than they need in order to do their jobs.  With file permissions, it’s easy to mess things up and...

A Closer Look at Pass the Hash, Part II: Prevention

Michael Buckbee

Michael Buckbee

Last week, I attended a webinar that was intended to give IT attendees a snapshot of recent threats—a kind of hacker heads-up. For their representative case, the two sec gurus...

A Closer Look at Pass the Hash, Part I

Michael Buckbee

Michael Buckbee

We’ve done a lot of blogging at the Metadata Era warning you about basic attacks against passwords. These can be mitigated by enforcing strong passwords, eliminating vendor defaults, and enabling...

What’s the Difference between Hacking and Phishing?

Michael Buckbee

Michael Buckbee

Because I’ve boldly assigned myself the task to explain hacking and phishing, I feel compelled to define both terms concisely because, as Einstein’s been quoted countless times, “If you can’t...

How to Configure Varonis and EMC Isilon

Rob Sobers

Rob Sobers

Customers of EMC’s popular Isilon storage platform have been clamoring for sophisticated controls around their sensitive, regulated content—e.g., SOX, PCI, intellectual property, etc.  Varonis is the perfect fit.  With our...

5 Privacy Concerns about Wearable Technology

Michael Buckbee

Michael Buckbee

With over 55 different fitness wearable devices to choose from, the wearables market has breathed new life into our personal health, providing us with more insight into our sleep patterns,...

Automate Exchange Distribution List Management

Michael Buckbee

Michael Buckbee

From a business perspective, distribution lists (DLs) for email communications are a powerful and well-understood concept in IT. And they are popular: Exchange admins have voted with their right-clicks, creating...

CIFS vs SMB: What's the Difference?

Rob Sobers

Rob Sobers

CIFS, SMB, Samba, and NFS are technolgies used to network client and server systems. Learn the difference between them and which to use when.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.