Google Cloud's Threat Horizons report found that weak or absent passwords were the access method most commonly exploited by threat actors, accounting for 46% of initial breaches.
After leveraging a vulnerability and the privilege escalation tools PsExec and JuicyPotato to gain SYSTEM access on targeted devices, Andariel stealthily established a low-privilege local user before altering the Security Account Manager registry to facilitate RID hijacking, a report from AhnLab Security Intelligence Center showed.
Such a vulnerability is slightly more severe in configurations involving single-factor authentication with a user-managed AuthFile, as well as the use of pam-u2f for single-factor authentication with other Pluggable Authentication Modules, compared with scenarios involving 2FA with a centrally managed AuthFile.
After establishing an updated inventory of self-hosted apps within a network, Orchid leverages LLM analytics with optimal reasoning and code recognition capabilities for identity control and authentication evaluations that consider cybersecurity framework compliance, according to the firm.
Trelica's cloud service specializes in identifying shadow IT applications -- software-as-a-service tools deployed without IT approval -- by analyzing logs from internal systems.