ReliaQuest

Author's Posts

What Is Managed Detection and Response (MDR)?

Managed detection and response (MDR) is an outsourced approach to cybersecurity where third parties handle threat monitoring, detection, and response. Specifically, the MDR model pairs endpoint detection and response (EDR) or endpoint protection platforms (EPP) with real-time monitoring and detection of ransomware, malware, and other security intrusions with rapid incident response to address and eliminate […]

What Is Phishing?

Phishing is the practice of stealing credentials by masking malicious intent behind the appearance of something innocuous. An email that looks like it’s from a social network asking you to reset your password is one of the most common versions. Once a user submits their credentials, attackers then use the victim’s account to spread the […]

ReliaQuest’s Experts Weigh In: 2021 Cybersecurity Predictions

This past year has certainly thrown some curveballs at security professionals. With new threats tied to current events like the COVID-19 pandemic and the United States presidential election, organizations have had to re-evaluate their security strategies and shift priorities, and this new focus will undoubtedly carry into the new year. Perhaps the greatest reveal that […]

Credential Dumping Part 2: Credential Theft Prevention in Windows

Credential theft is part of almost all attacks within a network, and one of the most widely known forms of credential stealing is surrounding clear-text credentials by accessing lsass.exe. However, this is only a piece of the bigger picture of the Windows credential model. In Part 1 of the Credential Dumping Series, I took a closer […]

Credential Dumping Part 1: A Closer Look at Vulnerabilities with Windows Authentication and Credential Management

For many of us in cybersecurity, we know that credential theft is part of almost all attacks within a network. Arguably, one of the most known forms of credential stealing is surrounding clear-text credentials by accessing lsass.exe. Almost synonymous with credential dumping is the popular tool Mimikatz, which is able to access the LSASS (Local Security Authority […]