Hardening Systems Against Attacks Like SolarWinds

March 24, 2021 / by Chuck White

How Key Management, PKI Controls, and Zero Trust Principles are Applied to Thwart Advanced Persistent Threats (APTs)

For years, cybersecurity professionals argued the importance of “zero trust networks” and their concerns have been fully validated in the wake of the SolarWinds incident. Hacking techniques likely used in the SolarWinds Sunburst attack include mapping of sIDHistory, Primary Group ID, as well as AdminSDHolder to help identify and obtain cached Active Directory credentials. The compromised SAML keys and cryptographic materials were then likely used to execute administrative control and exfiltrate data over an extended duration.

Read more

CISO SCENARIO: Your Subcontractor Has Been Breached | Fornetix

October 08, 2020 / by Charisma Burghouts

Let us consider a scenario in which an organization, a general contractor utilizing at least one subcontractor, implements a production chain security strategy powered by encryption, but NEGLECTS the addition of a key management system. You’re the CISO, responsible for the cybersecurity strategy that ensures your organization’s information assets and technologies are adequately protected.

Read more
1
Page 1 of 1

Subscribe to Email Updates

Recent Posts