Ten Active Directory Misconfigurations that Lead to Total Domain Compromise

March 13, 2019

Introduction: Active Directory Security Risks Why is Microsoft Active Directory (AD) the business world’s most targeted asset? Because with just a few queries to AD from a compromised endpoint, attackers obtain all the information they need to steal domain admin credentials and move laterally to high-value assets. Put another way: Attackers gain control of an organization’s vital assets simply by compromising a single domain-connected endpoint. The AD database exposes all identities and resources on the corporate network to any domain-connected user; AD authorizes users (whether legitimate or nefarious) to use its built-in query capability to locate sensitive information.

Spotlight

IT Solutions Consulting, Inc.

IT Solutions is an employee-owned, full-service IT company, providing network management and support as well as custom application and web development services to clients across the Greater Philadelphia and Mid-Atlantic regions for more than 20 years. At ITS, we take a different approach than most IT companies. Every employee doesn’t just act like an owner, every employee IS an owner with actual stock in the business through our Employee Stock Ownership Plan (ESOP).

OTHER WHITEPAPERS
news image

Ransomware: How to prevent, predict, detect & respond

whitePaper | January 9, 2020

The malicious programs known as ransomware have attracted a significant amount of coverage in the mainstream media over the last few years, as major companies and organizations announced that their operations had been affected by the threat. Examples of affected businesses include hospitals, universities and major international corporations [2, 3]. Despite the alarming nature of the threat, the way ransomware gains entry onto a user’s device is actually no different from the methods used by other threats. Ransomware is most commonly spread by two methods.

Read More
news image

Cybersecurity Whitepaper 2018

whitePaper | December 12, 2019

Most of the Small to medium-sized companies are unaware about the ways in which they’re vulnerable. More than 45% mistakenly believe they’re not a viable victim. They are just too small a target in comparison to larger organizations and tend to have a blind eye towards the cyber threats they face, which is in sharp contrast to what attackers think.

Read More
news image

Fortinet Security Fabric Enables Digital Innovation

whitePaper | February 5, 2020

Organizations are rapidly adopting digital innovation (DI) initiatives to accelerate their businesses, reduce costs, improve efficiency, and provide better customer experiences. Common initiatives involve moving applications and workflows to the cloud, deploying Internet-of-Things (IoT) devices on the corporate network, and expanding the organization’s footprint to new branch locations. With this evolving infrastructure also come security risks. Organizations must cope with growing attack surfaces, advanced threats, increased infrastructure complexity, and an expanding regulatory landscape. To accomplish their desired DI outcomes while effectively managing risks and minimizing complexities, organizations need to adopt a cybersecurity platform that provides visibility across their environment and a means to manage both security and network operations easily.

Read More
news image

2020 Cyber Security Predictions

whitePaper | January 28, 2020

This year there are some common themes that endure, so we’ll highlight these as “work in progress”. Transformations often take longer than 12 months to be identifi ed as necessary, to be executed and to become established. However, there are other themes emerging through a combination of drivers from audit, compliance security and governance that are now showing signs of infl uencing the way that cyber risks are managed in a much shorter timescale.

Read More
news image

Scenarios for the Future of Cybercrime - White Paper for Decision Makers

whitePaper | January 28, 2020

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

Read More
news image

Symantec White Paper - The Cyber Resilience Blueprint: A New Perspective on Security

whitePaper | January 2, 2020

In this sophisticated threat environment, traditional security tactics are failing. Symantec encourages organizations to revisit their security posture to build a more cyber resilient enterprise. Resilience is not defined by a series of checklists, but through evaluations based on the current threat environment and the acceptable risk level for the organization.

Read More

Spotlight

IT Solutions Consulting, Inc.

IT Solutions is an employee-owned, full-service IT company, providing network management and support as well as custom application and web development services to clients across the Greater Philadelphia and Mid-Atlantic regions for more than 20 years. At ITS, we take a different approach than most IT companies. Every employee doesn’t just act like an owner, every employee IS an owner with actual stock in the business through our Employee Stock Ownership Plan (ESOP).

Events