Phone Number +1-202-802-9399 (US)

Thycotic’s Cyber Security Blog

FEATURED STORY:

5 Most Popular Password Cracking Tools: Protect Your Enterprise

A look at a variety of password cracking tools and security tips to reduce password risk

Filter by Tags: 

The First Line of Defense for Healthcare Organizations: Secure Passwords

January 14th, 2015

The IT security stakes are high for the healthcare industry – HIPAA violations and fines, criminal charges, and tainted brand reputations make up the fates of healthcare organizations that fail to protect patient data both from the inside and out. Why Healthcare is Being Targeted A large number of personally identifiable information (PII) is stored…


https://thycotic.com/wp-content/uploads/2014/06/CSO.jpg

3 Tips to Stay Safe Shopping, Online or Off

December 16th, 2014

Despite numerous data breaches we have seen among consumer companies like Target and Home Depot, we doubt that breaches will slow down any time soon. No matter where you shop, use these three tips to stay safe. Use Credit Instead of Debit This may sound like an irresponsible thing to do at first, but the…


When the Trusted Go Rogue, and How They (almost) Got Away With It

December 9th, 2014

Jason Cornish, a former IT admin, successfully took down 88 servers of a major pharmaceutical corporation for the comfort of a fast food joint. The breach cost the company over $800,000 and caused the entire US office to shut down for three days. Unfortunately for all companies, insider threat is very hard to detect. According…


Privileged users and data breaches: A match made in heaven?

December 2nd, 2014

With data breaches on the rise, more evidence is constantly being discovered to support the link between privileged accounts in organizations and network breaches. Thycotic and IANS recently conducted a survey of 100 experienced security and IT operations professionals regarding their recent data breaches and privileged account misuse, and the results show there is indeed…


Qualys Security Conference Reveals Tension Between Security and IT Operations

November 11th, 2014

In my previous post, ‘Vulnerability Scanning: Is Unauthenticated Scanning Enough?’ I discussed the differences between authenticated and unauthenticated scans, and how Qualys and Thycotic work together to find vulnerabilities for better security. When performing authenticated scans, Qualys uses credentials to find sensitive issues such as malware, patches, incorrect configuration, and other vulnerabilities. It then scans…


Access Control: Models and Methods

November 4th, 2014

There are times when employees need access to information, such as documents, slides, etc., on a network drive but don’t have the appropriate level of access to read and/or modify the item. This can happen at the most inconvenient time and they quickly need to get a hold of a system administrator to grant them…


https://thycotic.com/wp-content/uploads/2014/06/CSO.jpg

Haunting Tale: Beware of the Insider

October 28th, 2014

We all love October for the fall nights, changing leaves, hot cider and Halloween festivities. October is also National Cyber Security Awareness Month supported by the National Cyber Security Alliance. Although we preach cyber security best practices all year, it’s an important reminder to stay safe online. In support of National Cyber Security Awareness Month…


https://thycotic.com/wp-content/uploads/2014/06/CSO.jpg

Predicting Potential Threat: Behavior Analytics and Threat Modeling

October 21st, 2014

Wouldn’t it be nice to be able to identify a potential threat before it happens? Learn how Secret Server uses threat modeling and behavioral analytics to discover and take immediate action on a threat, stopping an attacker in their tracks. Threat Modeling The term “threat modeling” has become quite popular lately as an upcoming major…


POODLE: Not your typical walk in the park

October 15th, 2014

Google, among several security organizations, recently announced a vulnerability in the SSL protocol, particularly SSL version 3. SSL is used to secure connections between a client and server to prevent eavesdropping, and that the data has not been tampered. SSLv3 is an old version of the SSL protocol, dating back to 1996 and debuted with Netscape…


Vulnerability Scanning: Is Unauthenticated Scanning Enough?

October 14th, 2014

Thousands of IT organizations across the world use vulnerability scanners to perform unauthenticated scans and find threats within their network. These scans find basic weaknesses and detect issues within operating systems, open network ports, services listening on open ports, and data leaked by services. This gives companies the ability to see their network from the…