Following the digital trail: what happens to data stolen in a phishing attack

Introduction A typical phishing attack involves a user clicking a fraudulent link and entering their credentials on a scam website. However, the attack is far from over at that point. The moment the confidential information falls into the hands of cybercriminals, it immediately transforms into a...

Extending Spring Data Repositories Just Got Easier

Since its inception, Spring Data Repositories have been designed for extension, whether you want to customize a single query method or provide a completely new base implementation. The 2024.1 release enhances your ability to extend a repository with custom functionality making it easier than ever...

ManageEngine ADAudit Plus Xnode Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Xnode Enumeration', 'Description' = %q This module exploits default admin credentials for the DataEngine Xnode server i...

7 Ways Good Data Security Practices Drive Data Governance

As more organizations continue with digital transformation plans, their ability to be good stewards of the data for which they are responsible becomes more difficult. They are generating more data, more data types, in more repositories, in more and different architectures. Every day, organization...

Five Steps to Integrating a Data Repository Vulnerability Assessment Into A WAF–Driven Vulnerability Management Program

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed. There are...

ManageEngine DataSecurity Plus Xnode Enumeration

This module exploits default admin credentials for the DataEngine Xnode server in DataSecurity Plus versions prior to 6.0.1 6011 in order to dump the contents of Xnode data repositories tables, which may contain a limited amount of Active Directory information including domain names, host names,...

ManageEngine ADAudit Plus Xnode Enumeration

This module exploits default admin credentials for the DataEngine Xnode server in ADAudit Plus versions prior to 6.0.3 6032 in order to dump the contents of Xnode data repositories tables, which may contain a limited amount of Active Directory information including domain names, host names,...

How Organizations Manage to Understand Millions of Unstructured Data Files at Scale

For an ever-growing segment of organizations, making sense of unstructured data is fast becoming imperative. It is also far more challenging. Unlike structured data that’s stored in rows and columns, text-based, and easy to search in relational databases and data warehouses, there is no defined...

Why a “Lift-and-shift” Cloud Migration Strategy Doesn’t Support Data Security

The classic 1982 Steven Spielberg horror film “Poltergeist” chronicles disturbing, unexplained paranormal activity happening in a suburban family’s idyllic home. As the activity becomes more sinister and terrifying, the family learns that their neighborhood was built on an old burial ground. It...

Gain Insight into Database Security Vulnerabilities you Didn’t Know you Had

Identifying and taking action to stop policy-violating behavior is hard enough when you have complete insight into the risks affecting your data repositories. It is virtually impossible to achieve security, however, when you cannot even see these risks to your data repositories. Unfortunately, to...

Challenges of Insider Threat Detection – Whiteboard Wednesday [Video]

Insider threat detection and containment of insider threats requires an expert understanding of both users and how they use and access enterprise data. In our first Whiteboard Wednesday, Drew Schuil, Vice President of Global Product Strategy at Imperva, talks about the challenges of insider threa...

Why Care About Data-Centric Security?

It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...