ReliaQuest

Author's Posts

Verizon 2021 DBIR: Ransomware Attacks Doubled 

If there is one lesson we can take away from 2020, it is that we all need to be prepared for the worst. Resilience has emerged as the top skill that people and businesses need to possess not only to survive but also to thrive in a changing and challenging world. Rapid changes require businesses to make rapid but well-informed […]

Top 3 Mistakes When Simulating Cyber Attacks

Breach and attack simulation (BAS) offers an efficient way to validate and test security controls, threat detection capabilities, logging levels in an environment, and incident response workflows. Simulating cyber attacks in this manner allows security teams to proactively identify and remediate gaps; however, if not performed correctly, security teams may end up with a […]

How to Get the Most out of Your Security Monitoring with the Cyber Kill Chain Model

Updated June 2021. In our personal lives, many of us try to get the most out of a tank of gasoline – waiting until the red indicator shines bright and we finally have to stop at a gas station to fill our tank. This mindset extends to many aspects of our lives, both personally and […]

Credential Dumping Part 2: Credential Theft Prevention in Windows

Credential theft is part of almost all attacks within a network, and one of the most widely known forms of credential stealing involves clear-text credentials obtained by accessing lsass.exe. However, this is only a piece of the bigger picture of the Windows credential model. In Part 1 of the Credential Dumping Series, I took a closer […]

Credential Dumping Part 1: A Closer Look at Vulnerabilities with Windows Authentication and Credential Management

Many of us in cybersecurity know that credential theft is part of almost all attacks within a network. Arguably, one of the best-known forms of credential stealing involves clear-text credentials obtained by accessing lsass.exe. Almost synonymous with credential dumping is the popular tool Mimikatz, which is able to access the LSASS (Local Security Authority […]