Continuing our J2 SOC Manager’s series on credential theft, this week we explore how attackers steal credentials on the local device. Future pieces will discuss other methods and prevention strategies. We hope you enjoy this series and feel free to get in contact us if you have questions, comments or want to further clarity.

Our J2 SOC Manager has created a series of pieces around credential theft. In the coming weeks we will unpack several methods of attack. In this, the first in the series, we start with some background information and a dive into attacking passwords in network traffic. Future pieces will discuss other methods and prevention strategies. We hope you enjoy this series and feel free to get in contact us if you have questions, comments or want to further clarity.

In a profit driven, ethically unconstrained criminal enterprise like phishing it is not surprising that threat actors have evolved to match the times. Rather than focus on techniques, this article will discuss how phishing applications have changed to match new security standards. It should be noted that only 22% of Microsoft clients have adopted two factor protection, so the traditional phishing attacks are still effective against most small to mid-sized operations. In the case of the enterprise client, we are seeing a transition towards phishing attacks that can seamlessly target two factor protected accounts.

Certificate Authorities. They’re an invisible elephant in the room. They’re the colourless passport stampers that complement your inscrutable active directory certificate processes. The whole thing sounds very grey and bureaucratic, but threat actors and security wizards are looking at the certificate process very closely, and for good reason. Those passports can do quite a lot. In this article we’ll cover a few basic concepts and then look at a new crop of vulnerabilities discovered by the piratical and quite naughty SpectreOps. The aim of this post is not to make you an authority on certificate services, it’s to show you that there are distinct risks in deploying certificate services and provide you with a tool to audit for some of these.