-
Data Security
Sep 16, 2014
Phishing Attacks Classified: Big Phish vs. Little Phishes
The CMU CERT team I referred to in my last post also has some interesting analysis on the actual mechanics of these phishing attacks. Based on reviewing their incident database, the CERT team was able to categorize phishing attacks into two broader types: single- versus multi-stage.
Michael Buckbee
1 min read
-
Data Security
Sep 05, 2014
In Search of Kerberos’s Golden Ticket
In a Kerberos environment, all users get tickets, or more specifically TGTs (Ticket Granting Tickets). It’s the starting point for gaining access to services—network files, email, apps, etc. In Windows, there’s one user who stands out, the all-powerful domain administrator. They have access to the keys of the kingdom, literally—the Domain Controller on which the Active Directory database resides. Therefore the TGT for a domain admin is a valuable ticket.
Michael Buckbee
2 min read
-
Data Security
Aug 27, 2014
Kerberos Weaknesses: Pass the Ticket Is a Real Threat
August is always a good time to check up on the dark side. Black Hat had its annual conference earlier this month, and there are always presentations worth looking at. I’ve been writing about Kerberos recently, and while it’s a big improvement over Microsoft’s NTLM, nothing is ever perfect. I came across a presentation that looks more closely at the weaker points of Kerberos.
Michael Buckbee
2 min read
-
Data Security
Aug 11, 2014
Top Five Most Dangerous Software Errors
Over the years, Mitre, the MIT research group, has been analyzing software bugs and missteps that hackers have been able to exploit. Their Common Vulnerabilities and Exposures (CVE) classifications are something of a de-facto standard used for describing the root software causes in an attack. Working with SANS, the Mitre CVE team has come up with a list of the Top 25 Most Dangerous Programming Errors. Below we take a journey through the top five.
Michael Buckbee
3 min read
-
Data Security
Aug 06, 2014
Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I
The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers is not futile. An advanced civilization, MIT researchers in the 1980s to be exact, developed open-source Kerberos authentication software, which has stood the test of time and provides a highly-secure solution.
Michael Buckbee
3 min read
-
Data Security
Jul 15, 2014
Pass the Hash, Part III: How NTLM Will Get You Hacked
This article is part of the series "A Closer Look at Pass the Hash". Check out the rest: Part I; Part II: Prevention; Part III: How NTLM Will Get You Hacked (and What You Should Do About It)
Michael Buckbee
4 min read
-
Data Security
Jul 08, 2014
3 Deadly File Permissions Mistakes
Scarily, in most organizations people have access to much more information than they need in order to do their jobs. With file permissions, it’s easy to mess things up and hard to find and fix problems, especially in large environments. One tiny mistake can cause a ripple effect across terabytes of data, opening up a massive security hole.
Rob Sobers
2 min read
-
Data Security
Jun 26, 2014
A Closer Look at Pass the Hash, Part II: Prevention
This article is part of the series "A Closer Look at Pass the Hash". Check out the rest: Part I; Part II: Prevention; Part III: How NTLM Will Get You Hacked (and What You Should Do About It)
Michael Buckbee
3 min read
-
Data Security
Jun 17, 2014
A Closer Look at Pass the Hash, Part I
This article is part of the series "A Closer Look at Pass the Hash". Check out the rest: Part I; Part II: Prevention; Part III: How NTLM Will Get You Hacked (and What You Should Do About It)
Michael Buckbee
3 min read
-
Data Security
May 21, 2014
What’s the Difference between Hacking and Phishing?
Because I’ve boldly assigned myself the task to explain hacking and phishing, I feel compelled to define both terms concisely because, as Einstein’s been quoted countless times, “If you can’t explain it simply, you don’t understand it well enough.”
Michael Buckbee
2 min read
-
Data Security
Apr 21, 2014
How to Configure Varonis and EMC Isilon
Customers of EMC’s popular Isilon storage platform have been clamoring for sophisticated controls around their sensitive, regulated content—e.g., SOX, PCI, intellectual property, etc. Varonis is the perfect fit. With our new integration, EMC Isilon customers can audit, manage and protect their human-generated data.
Rob Sobers
1 min read
-
Data Security
Mar 11, 2014
5 Privacy Concerns about Wearable Technology
With over 55 different fitness wearable devices to choose from, the wearables market has breathed new life into our personal health, providing us with more insight into our sleep patterns, calories burned, blood pressure, heart rate and so much more. In the near future, we may even ingest sensors to gauge how our body reacts to a drug. Adorning ourselves from head to toe with devices that allow us to quantify our health in new ways could bring enormous health benefits.
Michael Buckbee
3 min read