Blacklist Azure AD

The Risks Azure AD Password Protection Ignores: Compromised and Blacklisted

2022 is shaping up to be an extremely successful year for cybercriminals. Data breaches are accumulating in unprecedented numbers, putting more and more information in the hands of bad actors. Cyberattacks this year have hit big players like Cash App and the Red Cross, as well as smaller companies around the world. Even small data breaches have a part to …

Password Protection

How to Solve the Password Problem

An Overhaul in Password Security Passwords aren’t going anywhere. Despite the buzz that biometrics and MFA are holistic solutions, passwords are a ubiquitous, crucial layer for authentication—and they’re low-cost and simple, too.  That’s not to say that passwords are without issues. In fact, due to ineffective password policies, and poor user habits, they are hotly desired targets. Also, when a password …

SANS Compromised Credentials

SANS Analyst Program, “Fighting Back Against Compromised Credentials”

Analyst Paper Summary “In our evaluation of Enzoic, we found that it supports all of the must-haves that typical security teams would want.” – Jake Williams, SANS  A recent first look paper written by Jake Williams for the SANS cyber security institute outlines the main issues surrounding compromised credentials and preventative measures companies can take.  In the paper and an accompanying webcast, Williams …

privileged accounts

The Exploitation of Privileged Accounts 

The flow of news about data breaches and ransomware attacks is relentless. Businesses of all sizes—large companies included—continue to suffer. Not only do cyber attacks lead to financial damage, but they have knock-on effects like reputational impact and loss of client trust.  What’s less publicized is just how often these breaches are caused by vulnerabilities in privileged accounts.  Privileged accounts …

education

Back to School Means More Cyber Concerns

Cyberattacks continue to rise, threatening the educational sector  As the 2022-2023 school year looms, so do ongoing cyber threats directly targeting schools, universities and school district administrations.  In 2021, there were an average of over 1500 attacks on education and research organization per week and these numbers are expected to continue to rise through 2022. The educational sector is massive …

Stolen Credentials

How Stolen Credentials and Ransomware are a Simultaneous Threat

Defending from Both Directions Over the past decade, the cyber landscape has evolved rapidly. But as Mike Wilson points out for Forbes, with every positive change or technological advancement comes several layers of cyber threat, as criminals continue to seek out weaknesses wherever they can.  Each year the Verizon DBIR provides an overall update on current threat trends and provides insight into who …

Password Policy

Bolstering AD Password Policies

Presets Aren’t Enough  Let’s keep things real: passwords aren’t going anywhere. And with continued—and increasing—ransomware attacks and data breaches popping up everywhere, an organization’s password policies are crucial to its digital security stance.  According to the 2022 Verizon DBIR, a majority of attacks originate from a single entry point: compromised credentials. Since so many organizations use Active Directory (AD) as …