Cyentia Cybersecurity Research Library
  • Sources
  • Tags
  • About
  • Sponsors
  • More from Cyentia

Credentials

Below you will find reports with the tag of “Credentials”

image from Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare Industry

Chronic [Cyber] Pain: Exposed & Misconfigured Databases in the Healthcare Industry

A first hand account of using open source intelligence techniques to discover publicly exposed data stores of healthcare information.

Added: January 25, 2019
image from Global Internationalized Domain Name Homograph Report Q2/2018

Global Internationalized Domain Name Homograph Report Q2/2018

In this new research report, Farsight Security set out to determine the prevalence and distribution of IDN homographs across the Internet. We examined 100M IDN resolutions over a 12-month period with a focus on over 450 top global brands across 11 sectors including finance, retail, and technology.

(more available)
Added: January 16, 2019
image from SophosLabs 2019 Threat Report

SophosLabs 2019 Threat Report

From the report, “As the report that follows describes, SophosLabs has been observing a small but growing number of criminals forced to resort to a variety of manual hacking techniques – previously the purview of esoteric, targeted attackers – just to maintain their dishonorable income streams. The downside is that it’s much more challenging to halt these hybridized threats using conventional methods, but it also means there are fewer criminals competent enough to conduct them, and we keep driving up the cost of their operations. It’s a Darwinian process, and the sort of shift in attacker/defender economics we’ve been striving to achieve for a long time. We consider that a victory, and the start of a trend of attacker disruption that we intend to continue driving.”

(more available)
Added: January 15, 2019
image from Quarterly Threat Report: Q3 2018

Quarterly Threat Report: Q3 2018

It’s harvest time (at least here in the United States), and as we prepare to reap the bounties of the land, so too have we seen attackers make good use of the exploits they’ve sown and infrastructure they’ve co-opted. The credential compromises and remote access attempts of Q2 have ripened into suspicious service logins and lateral movement actions involving credentials, along with increases in the presence of malware on systems.

(more available)
Added: January 15, 2019
image from Definitive Guide To Azure Security

Definitive Guide To Azure Security

While popular out-of-the-box SaaS products like Salesforce, Box, Dropbox, and Office 365 are becoming common in the workplace, many enterprises have business needs that require custom-made applications.

(more available)
Added: January 15, 2019
image from Epic Failures In DevSecOps: Volume 1

Epic Failures In DevSecOps: Volume 1

This is the first in a series of books tracking changes and discoveries within the DevSecOps Community. The stories are by people who have been sloshing around in the swamps of software development for years, figuring out how things work, and most importantly, why things didn’t work.

(more available)
Added: January 15, 2019
image from Cyber Intrusion Services Casebook 2018

Cyber Intrusion Services Casebook 2018

From the report, “This casebook presents some of the findings and recommendations we’ve made in key engagements across a representative sample of the work we performed last year. We dig into: Emerging and notable trends, Examples of ill-prepared organizations and the devastating effects of the breaches they suffered, Essential recommendations to prevent companies from becoming another statistic of poor security planning and execution. This casebook also underscores the expertise of our team and the important work we’re doing at CrowdStrike® Services. As you read the case studies, you will see that CrowdStrike stands shoulder-to-shoulder with our clients as we work together to stop adversaries and repair damage. But this casebook is not just for CrowdStrike clients — we want everyone to become better prepared to overcome their adversaries in 2019.”

(more available)
Added: January 15, 2019
image from Cyber Attack Survival Checklist

Cyber Attack Survival Checklist

This report offers a checklist for surviving a Cyber Attack.

Added: January 1, 2019
image from Beyond Malware: Detecting The Undetectable

Beyond Malware: Detecting The Undetectable

This report discusses a key issue in a Malware-centric defense approach; it will leave you vulnerable to attacks that don’t leverage malware. Read on to learn more.

(more available)
Added: January 1, 2019
image from Why Managed Threat Hunting?

Why Managed Threat Hunting?

This report offers insight into threat hunting. It specifically focusses on the “Human Detection Engine.”

Added: January 1, 2019
image from Top 5 Reasons Why Savvy MSPS Are Adopting Managed Security Services

Top 5 Reasons Why Savvy MSPS Are Adopting Managed Security Services

The purpose of this white paper is to introduce managed security services as a key strategy for evolving your business.

(more available)
Added: December 29, 2018
image from The SpyRATs of OceanLotus

The SpyRATs of OceanLotus

This paper takes a look at several bespoke backdoors deployed by OceanLotus Group, as well as evidence of the threat actor using obfuscated CobaltStrik Beacon payloads to perform C2.

(more available)
Added: December 29, 2018
image from 2019 Threats Predictions

2019 Threats Predictions

This infographic provides a summarized list of the points made in McAfee’s 2019 threat predictions blog post.

Added: December 29, 2018
image from How Tanium helps address the CIS Critical Security Controls/SANS Top 20

How Tanium helps address the CIS Critical Security Controls/SANS Top 20

This paper provides a checklist to address CIS Critical Security Controls.

Added: December 29, 2018
image from ERP Applications Under Fire

ERP Applications Under Fire

With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about.

(more available)
Added: December 14, 2018
image from Services Cyber Intrusion Casebook 2018

Services Cyber Intrusion Casebook 2018

In 2018, our global Services team focused resources, intelligence and technology to detect and disrupt future attacks. We’ve analyzed the massive amounts of security data collected from every engagement this year and we’ve gained new insights into what challenges organizations face and how they can better prepare for the next wave of threats. This casebook presents some of the findings and recommendations we’ve made in key engagements across a representative sample of the work we performed last year. We dig into: Emerging and notable trends Examples of ill-prepared organizations and the devastating effects of the breaches they suffered Essential recommendations to prevent companies from becoming another statistic of poor security planning and execution This casebook also underscores the expertise of our team and the important work we’re doing at CrowdStrike® Services. As you read the case studies, you will see that CrowdStrike stands shoulder-to-shoulder with our clients as we work together to stop adversaries and repair damage. But this casebook is not just for CrowdStrike clients — we want everyone to become better prepared to overcome their adversaries in 2019.

(more available)
Added: December 14, 2018
image from State of the Internet 2018

State of the Internet 2018

In this issue of the State of The Internet/Security report, they take a look back at some of the events they were a part of and the research the Akamai teams produced in the past 12 months. They also examine a few of the stories that formed the background in security this year.

(more available)
Added: December 14, 2018
image from Too Much Information

Too Much Information

In this research, Digital Shadows assessed the sensitive data exposed from some of the most ubiquitous file sharing services across the Internet. We found over twelve petabytes of publicly available data across open Amazon S3 buckets, rsync, SMB, FTP servers, misconfigured websites, and NAS drives.

(more available)
Added: December 5, 2018
image from The Business of Disinformation: A Taxonomy

The Business of Disinformation: A Taxonomy

Since the 2016 U.S. presidential election, the term “fake news” has integrated itself frmly into our daily vernacular. However, fake news is used very broadly to describe: disinformation, propaganda, hoaxes, satire and parody, inaccuracies in journalism, and partisanship. Disinformation campaigns are not limited to the geopolitical realm – its use is far more pervasive. The sheer availability of tools means that barriers to entry are lower than ever. This extends beyond geopolitical to fnancial interests that affect businesses and consumers. This paper presents an overview of these different motivations and tools actors can turn to. In Digital Shadows’ Disinformation Campaign Taxonomy, we lay out the stages used in disinformation campaigns. In doing so, it is possible to develop ways to potentially disrupt these efforts and create greater friction for actors involved.

(more available)
Added: December 5, 2018
image from Threat Intelligence Bulletin: Deloitte Breach

Threat Intelligence Bulletin: Deloitte Breach

This report, prepared by CyberInt, summarises the currently known information regarding the recent breach at Deloitte, one of the ‘big four’ accounting firms, and includes a timeline of events, what is known of the breach itself as well as the aftermath.

(more available)
Added: December 5, 2018
image from KRACK Attack: WPA2 Wi-Fi Vulnerability

KRACK Attack: WPA2 Wi-Fi Vulnerability

This report takes a look at the “Key Reinstallation Attack” VULN that works against all modern protected Wi-Fi- networks.

Added: December 5, 2018
  • ««
  • «
  • 11
  • 12
  • 13
  • 14
  • 15
  • »
  • »»
© Cyentia Institute 2025
Library updated: July 2, 2025 04:08 UTC (build b1d7be4)