* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Friday, June 27, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Susquehanna Raises Penn Entertainment Inc. (PENN) Price Target. – Yahoo Finance

    Susquehanna Raises Price Target for Penn Entertainment Inc. (PENN)

    George Lopez is coming to Spokane – KXLY.com

    George Lopez is coming to Spokane – KXLY.com

    Netflix unveils Dallas immersive venue for fans of hit shows like ‘Squid Game,’ ‘Stranger Things’ – Houston Chronicle

    Step Inside Netflix’s New Dallas Immersive Experience Featuring Hits Like ‘Squid Game’ and ‘Stranger Things

    ‘Puttin’ on the Ritz’: Civic Players bring ‘Young Frankenstein’ to life – Yahoo

    Civic Players Deliver a Hilarious and Unforgettable Performance of ‘Young Frankenstein

    ‘Wheel of Fortune’: Amputee Wins $60,000 After Breaking Incredible ‘Curse’ – Hastings Tribune

    Wheel of Fortune’ Amputee Breaks Incredible ‘Curse’ to Win $60,000!

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    North Star Sports & Entertainment Network: Coming soon – KTTC News

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

    St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

    Wayve Expands Engineering Leadership to Power Next-Gen Autonomous Driving Technology – Silicon Canals

    Wayve Boosts Engineering Leadership to Accelerate Next-Gen Autonomous Driving Innovation

    Frontdoor Announces Tech Expert Dr. Bala Ganesh as Chief Technology Officer – Business Wire

    Frontdoor Appoints Tech Visionary Dr. Bala Ganesh as New Chief Technology Officer

    Defense technology giant Northrop Grumman to host interviews in Iuka to fill technician roles – supertalk.fm

    Defense technology giant Northrop Grumman to host interviews in Iuka to fill technician roles – supertalk.fm

    China’s Military Introduces Mosquito-Sized Drones: A Game-Changing Surveillance Technology – Indian Defence Review

    China Unveils Mosquito-Sized Drones: Revolutionizing Surveillance Technology

    Marvell Technology Stock Rallies After AI Event Sparks Investor Optimism – Yahoo Finance

    Marvell Technology Stock Rallies After AI Event Sparks Investor Optimism – Yahoo Finance

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Susquehanna Raises Penn Entertainment Inc. (PENN) Price Target. – Yahoo Finance

    Susquehanna Raises Price Target for Penn Entertainment Inc. (PENN)

    George Lopez is coming to Spokane – KXLY.com

    George Lopez is coming to Spokane – KXLY.com

    Netflix unveils Dallas immersive venue for fans of hit shows like ‘Squid Game,’ ‘Stranger Things’ – Houston Chronicle

    Step Inside Netflix’s New Dallas Immersive Experience Featuring Hits Like ‘Squid Game’ and ‘Stranger Things

    ‘Puttin’ on the Ritz’: Civic Players bring ‘Young Frankenstein’ to life – Yahoo

    Civic Players Deliver a Hilarious and Unforgettable Performance of ‘Young Frankenstein

    ‘Wheel of Fortune’: Amputee Wins $60,000 After Breaking Incredible ‘Curse’ – Hastings Tribune

    Wheel of Fortune’ Amputee Breaks Incredible ‘Curse’ to Win $60,000!

    North Star Sports & Entertainment Network: Coming soon – KTTC News

    North Star Sports & Entertainment Network: Coming soon – KTTC News

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

    St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

    Wayve Expands Engineering Leadership to Power Next-Gen Autonomous Driving Technology – Silicon Canals

    Wayve Boosts Engineering Leadership to Accelerate Next-Gen Autonomous Driving Innovation

    Frontdoor Announces Tech Expert Dr. Bala Ganesh as Chief Technology Officer – Business Wire

    Frontdoor Appoints Tech Visionary Dr. Bala Ganesh as New Chief Technology Officer

    Defense technology giant Northrop Grumman to host interviews in Iuka to fill technician roles – supertalk.fm

    Defense technology giant Northrop Grumman to host interviews in Iuka to fill technician roles – supertalk.fm

    China’s Military Introduces Mosquito-Sized Drones: A Game-Changing Surveillance Technology – Indian Defence Review

    China Unveils Mosquito-Sized Drones: Revolutionizing Surveillance Technology

    Marvell Technology Stock Rallies After AI Event Sparks Investor Optimism – Yahoo Finance

    Marvell Technology Stock Rallies After AI Event Sparks Investor Optimism – Yahoo Finance

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

Addressing the insecurity of verified identities

October 22, 2023
in Business
Addressing the insecurity of verified identities
Share on FacebookShare on Twitter

Cybersecurity has been identity-centric since the first username and password appeared. During the infancy of personal computers, user identification was considerably simpler. At that time, workplace technology was physically confined to an office and the business network (if one existed). The only people with access were employees and maybe office cleaning staff.

The locked office door separated business assets from the rest of the world, making it the unsung cybersecurity hero in this early era. Today, we can’t rely on deadbolts to do the heavy lifting for enterprise security. The number of people with potential access to our business systems extends beyond the office and encircles the globe. Technological advancements, including the internet, cloud computing, and 5G connectivity have made user/password identification obsolete. We’re regularly connected with billions of people, some who harbor ill intent.

Do more of the same?

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

Please enter a valid email address

Security practitioners doubled down on ID checks to address  increased exposure to the masses. After all, asking one question (password) worked when systems were accessible to just a few people. Maybe asking more questions would work to verify individuals among many people.You have a password – do you also have an RSA token with a secret number on it? Do you have a recognized fingerprint? Do you have a smartphone to receive an access code? How about three personalized security questions with three specific answers only you know?

Each new step in these identification efforts introduced friction into people’s workflow. Typing a password is fast. Obtaining numbers from multiple devices, less so. Each additional identity check presents a roadblock between the user and the work they are trying to do. Sure, each step also adds another level of confidence to the verification process, but this approach is not scalable. For example, if you’re asked to fill out the US government’s Questionnaire for National Security Positions, you’ll find it is 136 pages long. That’s a great approach for exhaustively verifying an identity, but far too cumbersome for logging into a workstation.

To make matters worse, it turns out that adding multiple layers of identity checks doesn’t stop bad actors from gaining unauthorized access. Many of today’s most popular forms of identity verification, such as multi-factor authentication (MFA), are hackable. I’m not suggesting we let perfect be the enemy of good. I’m simply pointing out that our best identification efforts aren’t bulletproof, and this knowledge brings with it a new set of responsibilities. If outsiders can outsmart our initial identity verification checks, then our security efforts must extend beyond initial logon.

Intruders impersonate assets in Active Directory

Suppose a malicious actor slips past your identity verification. Perhaps the intruder is a savvy threat actor, or a disgruntled insider who is using legitimate credentials. This may seem like a minor problem, given that their actions are constrained by the permissions they’ve been granted. Few accounts have enterprise admin rights, so how much harm can a general user really do?

One of the first things adversaries do after compromising an account is search for ways to elevate their access. One popular technique is to exploit Group Policy Preferences (GPP). GPP appeared with the release of Server 2008 and allows domain-attached machines to be configured through group policies. Generally, users cannot upgrade their own access. However, PCs can use the credentials of any legitimate logged-in user to authenticate to the domain controller and request policy updates. These policies can make numerous configuration changes to machines, including:

Mapped network drives

Printer configurations

Registry settings

Setting the password for the workstation’s local admin account.

By exploiting GPP, attackers can grant themselves admin access to a compromised machine. From there, they can move laterally through the environment and repeat the process. One compromised workstation quickly becomes 100.

Malicious actors can also exploit vulnerabilities like unconstrained delegation. This allows users or computers to impersonate other accounts to gain access to enterprise resources. Under some circumstances, attackers can use this technique to compromise the host Active Directory (AD) forest and then breach other connected forests.

Consider another example where a verified user’s ability to impersonate another enterprise entity can wreak havoc. A highly damaging object to impersonate in the environment is a domain controller and DCSync attacks allow this by exploiting Microsoft Directory Replication Service Remote Protocol (MS-DRSR). Malicious actors can use this tactic to request and obtain user credentials from legitimate domain controllers. This attack is one of several available through popular hacking tools like mimikatz.

Chaining together numerous tactics provides pathways to laterally move around network locations and permission boundaries. Unless specifically hardened against it, Active Directory Kerberos Service-for-User (S4U) may be abused to get a domain administrator account’s service ticket on a local machine. Service Control Manager may be fooled with fake MachineIDs to bypass User Access Control. The Potato line of attacks specifically use the ImpersonatePrivilege permission to make a service account into NT AUTHORITY/SYSTEM. This method of becoming a local machine admin may be useful for some situations.

As you can see, impersonation techniques play a significant role in cyberattacks once intruders gain a foothold in the environment. This is why identity verification efforts cannot end after validating initial connection requests.

Addressing internal identity-based attack surface

Fortunately, there are solutions that can help you determine where and how your business environment is vulnerable to subtle forms of identity abuse. Identity threat detection and remediation (ITDR) tools can scan your environment for security issues and offer solutions. They offer crucial security coverage, given that 80% of modern attacks are identity-driven.

Specifically, an ITDR can help discover issues like GPP password exposure and other risky configurations in the environment. It provides vital information on the impact and scope of security issues, along with guidance for performing remediation. It also performs real-time monitoring of the environment and alerts analysts as new issues arise. This is an extremely important capability considering the number of account creations, configurations, and modifications happening in the enterprise on a daily basis.

Industry researchers claim Active Directory is involved in 90% of the attacks they witness. By focusing on identity and AD, ITDR tools are securing areas that most attackers ultimately target. Unfortunately, many security practitioners still view identity as a zero-sum game. If you can fool identity verification at log-on, you win access to everything. ITDRs change this dynamic by preventing identity abuse and privilege escalation after the initial identity verification. Too many organizations quit the fight once a user is verified. ITDR lets organizations battle on, which greatly elevates their security posture and makes life harder for threat actors. 

Learn more about mitigating the risk of identity-based attacks here.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : CIO – https://www.cio.com/article/656271/addressing-the-insecurity-of-verified-identities.html

Tags: addressingbusinessinsecurity
Previous Post

The biggest enterprise technology M&A deals of the year

Next Post

Multicloud by design approach simplifies the cloud experience

St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

June 27, 2025
NBA Draft 2025: Did the Hornets reach for Kon Knueppel? And why the Spurs did the right thing with Dylan Harper – Yahoo Sports

NBA Draft 2025: Did the Hornets Overreach for Kon Knueppel? Why the Spurs’ Pick of Dylan Harper Was a Brilliant Move

June 27, 2025
Fossil evidence of proboscidean frugivory and its lasting impact on South American ecosystems – Nature

Fossil evidence of proboscidean frugivory and its lasting impact on South American ecosystems – Nature

June 27, 2025
Distrust in public-health institutions is not just an American problem – The Economist

Distrust in public-health institutions is not just an American problem – The Economist

June 27, 2025
Cuts to federal science spending will cost every American – University of California

Cuts to federal science spending will cost every American – University of California

June 27, 2025
CCTA Bests CV Risk Scores for Bolstering Lifestyle Changes, Medication Uptake – TCTMD.com

CCTA Bests CV Risk Scores for Bolstering Lifestyle Changes, Medication Uptake – TCTMD.com

June 27, 2025
TIFF announces first wave of World Premieres! – TIFF – Toronto International Film Festival

TIFF announces first wave of World Premieres! – TIFF – Toronto International Film Festival

June 27, 2025
With no end to war in sight, Ukraine’s economy teeters on the edge – The Washington Post

Ukraine’s Economy on the Edge as Conflict Shows No End in Sight

June 27, 2025
A typical workday for freelancer Ashley Abramson – Association of Health Care Journalists

A Day in the Life of Freelancer Ashley Abramson: Inside Her Dynamic Workday

June 27, 2025
‘This is not a luxury’: Families in Trump states agonize over GOP’s proposed Medicaid cuts – CNN

Families in Trump States Face Hardship Amid GOP’s Push for Major Medicaid Cuts

June 27, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (699)
  • Economy (719)
  • Entertainment (21,613)
  • General (15,586)
  • Health (9,758)
  • Lifestyle (724)
  • News (22,149)
  • People (721)
  • Politics (726)
  • Science (15,937)
  • Sports (21,216)
  • Technology (15,704)
  • World (699)

Recent News

St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

St. Francis Medical Center brings advanced robotic surgery technology to Northeast Louisiana – KNOE

June 27, 2025
NBA Draft 2025: Did the Hornets reach for Kon Knueppel? And why the Spurs did the right thing with Dylan Harper – Yahoo Sports

NBA Draft 2025: Did the Hornets Overreach for Kon Knueppel? Why the Spurs’ Pick of Dylan Harper Was a Brilliant Move

June 27, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version