• Resources
  • Blog
  • Journalists
  • Log In
  • Sign Up
  • Data Privacy
  • Send a Release
Cision PR Newswire: news distribution, targeting and monitoring home
  • News
  • Products
    • Overview
    • Distribution by PR Newswire
    • Cision Communications Cloud®
    • Cision IR
    • All Products
  • Contact
    • General Inquiries
    • Request a Demo
    • Editorial Bureaus
    • Partnerships
    • Media Inquiries
    • Worldwide Offices

 

When typing in this field, a list of search results will appear and be automatically updated as you type.

Searching for your content...

No results found. Please change your search terms and try again.
  • News in Focus
      • Browse News Releases
      • All News Releases
      • All Public Company
      • English-only


      • News Releases Overview
      • Multimedia Gallery
      • All Multimedia
      • All Photos
      • All Videos


      • Multimedia Gallery Overview
      • Trending Topics
      • All Trending Topics


  • Business & Money
      • Auto & Transportation
      • All Automotive & Transportation
      • Aerospace, Defense
      • Air Freight
      • Airlines & Aviation
      • Automotive
      • Maritime & Shipbuilding
      • Railroads and Intermodal Transportation
      • Supply Chain/Logistics
      • Transportation, Trucking & Railroad
      • Travel
      • Trucking and Road Transportation


      • Auto & Transportation Overview
      • Business Technology
      • All Business Technology
      • Blockchain
      • Broadcast Tech
      • Computer & Electronics
      • Computer Hardware
      • Computer Software
      • Data Analytics
      • Electronic Commerce
      • Electronic Components
      • Electronic Design Automation
      • Financial Technology
      • High Tech Security
      • Internet Technology
      • Nanotechnology
      • Networks
      • Peripherals
      • Semiconductors


      • Business Technology Overview
      • Entertain­ment & Media
      • All Entertain­ment & Media
      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television


      • Entertain­ment & Media Overview
      • Financial Services & Investing
      • All Financial Services & Investing
      • Accounting News & Issues
      • Acquisitions, Mergers and Takeovers
      • Banking & Financial Services
      • Bankruptcy
      • Bond & Stock Ratings
      • Conference Call Announcements
      • Contracts
      • Cryptocurrency
      • Dividends
      • Earnings
      • Earnings Forecasts & Projections
      • Financing Agreements
      • Insurance
      • Investments Opinions
      • Joint Ventures
      • Mutual Funds
      • Private Placement
      • Real Estate
      • Restructuring & Recapitalization
      • Sales Reports
      • Shareholder Activism
      • Stock Offering
      • Stock Split
      • Venture Capital


      • Financial Services & Investing Overview
      • General Business
      • All General Business
      • Awards
      • Commercial Real Estate
      • Corporate Expansion
      • Earnings
      • Human Resource & Workforce Management
      • Licensing
      • New Products & Services
      • Obituaries
      • Outsourcing Businesses
      • Overseas Real Estate (non-US)
      • Personnel Announcements
      • Real Estate Transactions
      • Residential Real Estate
      • Small Business Services
      • Socially Responsible Investing
      • Surveys, Polls and Research
      • Trade Show News


      • General Business Overview
  • Science & Tech
      • Consumer Technology
      • All Consumer Technology
      • Artificial Intelligence
      • Blockchain
      • Cloud Computing/Internet of Things
      • Computer Electronics
      • Computer Hardware
      • Computer Software
      • Consumer Electronics
      • Cryptocurrency
      • Data Analytics
      • Electronic Commerce
      • Electronic Gaming
      • Financial Technology
      • Mobile Entertainment
      • Multimedia & Internet
      • Peripherals
      • Social Media
      • STEM (Science, Tech, Engineering, Math)
      • Supply Chain/Logistics
      • Wireless Communications


      • Consumer Technology Overview
      • Energy & Natural Resources
      • All Energy
      • Alternative Energies
      • Chemical
      • Electrical Utilities
      • Gas
      • General Manufacturing
      • Mining
      • Mining & Metals
      • Oil & Energy
      • Oil and Gas Discoveries
      • Utilities
      • Water Utilities


      • Energy & Natural Resources Overview
      • Environ­ment
      • All Environ­ment
      • Conservation & Recycling
      • Environmental Issues
      • Environmental Policy
      • Environmental Products & Services
      • Green Technology
      • Natural Disasters


      • Environ­ment Overview
      • Heavy Industry & Manufacturing
      • All Heavy Industry & Manufacturing
      • Aerospace & Defense
      • Agriculture
      • Chemical
      • Construction & Building
      • General Manufacturing
      • HVAC (Heating, Ventilation and Air-Conditioning)
      • Machinery
      • Machine Tools, Metalworking and Metallurgy
      • Mining
      • Mining & Metals
      • Paper, Forest Products & Containers
      • Precious Metals
      • Textiles
      • Tobacco


      • Heavy Industry & Manufacturing Overview
      • Telecomm­unications
      • All Telecomm­unications
      • Carriers and Services
      • Mobile Entertainment
      • Networks
      • Peripherals
      • Telecommunications Equipment
      • Telecommunications Industry
      • VoIP (Voice over Internet Protocol)
      • Wireless Communications


      • Telecomm­unications Overview
  • Lifestyle & Health
      • Consumer Products & Retail
      • All Consumer Products & Retail
      • Animals & Pets
      • Beers, Wines and Spirits
      • Beverages
      • Bridal Services
      • Cannabis
      • Cosmetics and Personal Care
      • Fashion
      • Food & Beverages
      • Furniture and Furnishings
      • Home Improvement
      • Household, Consumer & Cosmetics
      • Household Products
      • Jewelry
      • Non-Alcoholic Beverages
      • Office Products
      • Organic Food
      • Product Recalls
      • Restaurants
      • Retail
      • Supermarkets
      • Toys


      • Consumer Products & Retail Overview
      • Entertain­ment & Media
      • All Entertain­ment & Media
      • Advertising
      • Art
      • Books
      • Entertainment
      • Film and Motion Picture
      • Magazines
      • Music
      • Publishing & Information Services
      • Radio & Podcast
      • Television


      • Entertain­ment & Media Overview
      • Health
      • All Health
      • Biometrics
      • Biotechnology
      • Clinical Trials & Medical Discoveries
      • Dentistry
      • FDA Approval
      • Fitness/Wellness
      • Health Care & Hospitals
      • Health Insurance
      • Infection Control
      • International Medical Approval
      • Medical Equipment
      • Medical Pharmaceuticals
      • Mental Health
      • Pharmaceuticals
      • Supplementary Medicine


      • Health Overview
      • Sports
      • All Sports
      • General Sports
      • Outdoors, Camping & Hiking
      • Sporting Events
      • Sports Equipment & Accessories


      • Sports Overview
      • Travel
      • All Travel
      • Amusement Parks and Tourist Attractions
      • Gambling & Casinos
      • Hotels and Resorts
      • Leisure & Tourism
      • Outdoors, Camping & Hiking
      • Passenger Aviation
      • Travel Industry


      • Travel Overview
  • Policy & Public Interest
      • Policy & Public Interest
      • All Policy & Public Interest
      • Advocacy Group Opinion
      • Animal Welfare
      • Congressional & Presidential Campaigns
      • Corporate Social Responsibility
      • Domestic Policy
      • Economic News, Trends, Analysis
      • Education
      • Environmental
      • European Government
      • FDA Approval
      • Federal and State Legislation
      • Federal Executive Branch & Agency
      • Foreign Policy & International Affairs
      • Homeland Security
      • Labor & Union
      • Legal Issues
      • Natural Disasters
      • Not For Profit
      • Patent Law
      • Public Safety
      • Trade Policy
      • U.S. State Policy


      • Policy & Public Interest Overview
  • People & Culture
      • People & Culture
      • All People & Culture
      • Aboriginal, First Nations & Native American
      • African American
      • Asian American
      • Children
      • Diversity, Equity & Inclusion
      • Hispanic
      • Lesbian, Gay & Bisexual
      • Men's Interest
      • People with Disabilities
      • Religion
      • Senior Citizens
      • Veterans
      • Women


      • People & Culture Overview
      • In-Language News

      • español
      • português
      • Česko
      • Danmark
      • Deutschland
      • España
      • France
      • Italia
      • Nederland
      • Norge
      • Polska
      • Portugal
      • Россия
      • Slovensko
      • Suomi
      • Sverige
  • Overview
  • Distribution by PR Newswire
  • Cision Communications Cloud®
  • Cision IR
  • All Products
  • General Inquiries
  • Request a Demo
  • Editorial Bureaus
  • Partnerships
  • Media Inquiries
  • Worldwide Offices
  • PR Newswire: news distribution, targeting and monitoring
  • Send a Release
    • ALL CONTACT INFO

      Contact Us

      888-776-0942
      from 8 AM - 10 PM ET

  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • News in Focus
    • Browse All News
    • Multimedia Gallery
    • Trending Topics
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • Business & Money
    • Auto & Transportation
    • Business Technology
    • Entertain­ment & Media
    • Financial Services & Investing
    • General Business
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • Science & Tech
    • Consumer Technology
    • Energy & Natural Resources
    • Environ­ment
    • Heavy Industry & Manufacturing
    • Telecomm­unications
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • Lifestyle & Health
    • Consumer Products & Retail
    • Entertain­ment & Media
    • Health
    • Sports
    • Travel
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • Policy & Public Interest
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • People & Culture
    • People & Culture
    • Send a Release
    • Sign Up
    • Log In
    • Resources
    • Blog
    • Journalists
    • RSS
    • GDPR
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • Overview
  • Distribution by PR Newswire
  • Cision Communications Cloud®
  • Cision IR
  • All Products
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR
  • General Inquiries
  • Request a Demo
  • Editorial Bureaus
  • Partnerships
  • Media Inquiries
  • Worldwide Offices
  • Send a Release
  • Sign Up
  • Log In
  • Resources
  • Blog
  • Journalists
  • RSS
  • GDPR

Q:CYBER spots lateral movement as used in the SolarWinds (Sunburst) calamity

QOMPLX leads in detecting Active Directory and Kerberos-based authentication attacks

(PRNewsfoto/QOMPLX)

News provided by

QOMPLX, Inc.

Dec 23, 2020, 09:17 ET

Share this article

Share this article


TYSONS CORNER, Va., Dec. 23, 2020 /PRNewswire/ -- QOMPLX's leading Q:CYBER software suite detections include Kerberoasting and Golden Ticket attacks, both of which have been reported as being leveraged during lateral movement phases against federal agencies and commercial entities over the course of several months. QOMPLX researchers published warnings about ADFS-based attacks linking on-premise AD compromise via Kerberos ticket forgeries to malicious SAML token issuance in 2018 and 2019, as an illustration of how core enterprise authentication remains the pivotal security challenge in modern IT networks.

Q:CYBER's comprehensive solution for organizations defends Critical Controls Infrastructure and turns back sophisticated attacks on enterprise authentication infrastructure with applied data fusion already proven in some of the world's largest corporate networks. QOMPLX validates billions of Kerberos transactions each day across its global customer base.

U.S. officials allege Russia is behind the breach, in which hackers added malware to software updates, creating a backdoor into targeted computer networks. This allowed hackers to gain elevated credentials. Russia has denied involvement in the attack, which affected SolarWinds. SolarWinds traced the "supply chain" attack to updates for its Orion network products between March and June.

The injection of malicious code into the SolarWinds Orion product via compromised software build servers is novel and impressive, but represents one of many ways that adversaries gain initial entry into corporate networks. The important techniques used in the next phase of a breach are essential to enabling sophisticated adversaries to move from low-value to high-value IT assets and establish dominance within a compromised network.

"QOMPLX is the most comprehensive and accurate tool to detect advanced lateral movement techniques exploiting Active Directory and enterprise authentication via Kerberos forgeries and related attacks," QOMPLX CEO Jason Crabtree said. QOMPLX also conducts advanced security research on how Kerberos and SAML protocols are exploited. 

Q:CYBER offers a comprehensive solution for organizations interested in getting to ground truth in security. QOMPLX specializes in fusing together multiple security data feeds and uniquely defending Critical Controls Infrastructure, like Active Directory and Kerberos, and turning back sophisticated attacks and security challenges, such as:

  • Attacks on Active Directory and other Critical Controls Infrastructure,
  • Attacks on privileged accounts and lateral movement including forgeries and attacks against the Kerberos authentication protocol,
  • Maintaining an adequate risk posture, and
  • Managing high volume sources like Windows event logs and other high quality data sources that require careful management.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday delivered a warning, saying the breach poses a severe risk to federal, state and local governments as well as private companies and organizations.

"The latest warnings and guidance from CISA, other government agencies, and private companies about the extent and severity of this incident within and outside the federal government deeply concern us," Crabtree said. "We're ready to help."

QOMPLX, a leader in identity assurance for both Active Directory and Kerberos, is used by many of the world's most sophisticated firms, including some of the world's premier technology, insurance, financial services, asset management, retailers and critical infrastructure companies to detect and respond to such attacks. The company has spent nearly six years developing the necessary technology, holds dozens of patents, and invested close to $100 million developing its powerful streaming analytics and graph capabilities and related services to harden enterprise authentication, secure Active Directory, and fuse together multiple sources of data from both inside and outside of corporate networks. 

"Sophisticated cyber adversaries want to establish persistence within your trusted networks: siphoning off sensitive data from your organization, or laying the groundwork for a crippling attack. Account takeovers and hacks of critical identity infrastructure like Active Directory and Kerberos are their most potent weapons," said Andy Jaquith, QOMPLX Chief Information Security Officer.

Stateful validation is the key to stopping attacks such as the Golden Ticket technique alluded to in the CISA advisory, and means that applications that rely on Kerberos, such as downstream services, can be authenticated with confidence.

QOMPLX security practitioners are available to answer your questions about the Sunburst attack on SolarWinds and its customer base and to detail how Q:CYBER's offerings rapidly detect the lateral movement stages of such breaches. For more information or to speak with a QOMPLX executive about this breach, contact Melinda Ball, 781-418-2428 or [email protected].

CONTACT:
Abha Dasgupta, Chief Strategy Officer
Melinda Ball, Media Relations
QOMPLX, Inc.
[email protected]  
781-418-2428

SOURCE QOMPLX, Inc.

Modal title

Also from this source

QOMPLX Assists Organizations Assessing Active Directory...


QOMPLX Adds Q:SCAN Internet Attack Surface Scanning Solution...

Explore

More news releases in similar topics

  • Computer & Electronics
  • Networks
  • Computer Software
  • High Tech Security

    Contact Cision

  • Cision Distribution 888-776-0942
    from 8 AM - 9 PM ET

  • Chat with an Expert
    • General Inquiries
    • Request a Demo
    • Editorial Bureaus
    • Partnerships
    • Media Inquiries
    • Worldwide Offices

    Products

  • Cision Communication Cloud®
  • For Marketers
  • For Public Relations
  • For IR & Compliance
  • For Agency
  • For Small Business
  • All Products

    About

  • About PR Newswire
  • About Cision
  • Become a Publishing Partner
  • Become a Channel Partner
  • Careers
  • COVID-19 Resources
  • Accessibility Statement

    • Asia
    • Brazil
    • Canada
    • Czech
    • Denmark
    • Finland
    • France
    • Germany
    • India
    • Israel
    • Italy
    • Mexico
    • Middle East
    • Netherlands
    • Norway
    • Poland
    • Portugal
    • Russia
    • Slovakia
    • Spain
    • Sweden
    • United Kingdom

    My Services

  • All New Releases
  • Online Member Center
  • ProfNet

Contact Cision


Products


About


My Services
  • All News Releases
  • Online Member Center
  • ProfNet℠
Cision Distribution Helpline
888-776-0942
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • RSS
  • Cookie Settings
Copyright © 2021 Cision US Inc.