CrowdStrike acquires Preempt to provide zero trust security architecture and threat protection

CrowdStrike announced it has agreed to acquire Preempt Security, provider of zero trust and conditional access technology for real-time access control and threat prevention. Under the terms of the agreement, CrowdStrike will pay approximately $96 milli…

Microsoft NTLM vulnerabilities could lead to full domain compromise

Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some cases, to achieve full domain compromise of a network. What is NTLM? NT LAN Manag…

Securing Identity With Conditional Access – Business Security Weekly #137

Ajit Sancheti is the CEO at Preempt. Ajit will be discussing Securing Identity with Conditional Access. Visit https://www.securityweekly.com/bsw for all the latest episodes!

Critical Microsoft NTLM vulnerabilities allow remote code execution on any Windows machine

The Preempt research team found two critical Microsoft vulnerabilities that consist of three logical flaws in NTLM, the company’s proprietary authentication protocol. These vulnerabilities allow attackers to remotely execute malicious code on any Windo…

Preempt raises $17.5 million in Series B for enterprise threat management

San Francisco enterprise threat management company Preempt Security earned $17.5 million in its Series B funding round, the company announced on Wednesday. Preempt says that it uses information about identity, behavior and risk within a company to proactively catch insider threats and prevent breaches. Management of such threats is a constant struggle for enterprises, as they need to ensure that employees don’t willingly or inadvertently expose sensitive information. CEO Ajit Sancheti told CyberScoop that Preempt can anticipate and stop both malicious insiders and unwittingly compromised users by monitoring their privileges and behavior on the network. Preempt can force users to validate their identity via multi-factor authentication if it senses something is awry. “Internal threats are difficult to detect since the behavior of the malicious users or the compromised accounts are difficult to differentiate from legitimate users. Since Preempt can force the verification of identity of a user in real time […]

The post Preempt raises $17.5 million in Series B for enterprise threat management appeared first on Cyberscoop.

Flaw in Office 365 with Azure AD Connect could result in domain compromise

The Preempt research team has uncovered a vulnerability with Microsoft Office 365 when integrated with an on-premises Active Directory Domain Services (AD DS) using Azure AD Connect software that unnecessarily gives users elevated administrator privile…

Poor security habits are the ideal recipe for a breach

A Preempt survey of more than 200 employees (management level or above) from enterprise companies of 1000 or more people, found that businesses are left exposed by employees who have more access to sensitive resources than they should and who follow po…

Microsoft patches domain-controller vulnerability impacting all Windows versions

Microsoft issued a patch Tuesday for a serious privilege escalation vulnerability affecting all versions of Windows for enterprises released since 2007. By exploiting it, an attacker who has compromised a single machine on a network can create a new administrator account for themselves and get control of the entire domain. The vulnerability, assigned the serial number CVE-2017-8563, scores 7.5 on the Common Vulnerability Scoring System, meaning it is rated as “high” severity, the second highest after “critical.” “The vulnerability is in the domain controller,” said Roman Blachman, CTO and co-founder of Preempt Security, whose researchers found the flaw in April and reported it to Microsoft. In a video, Preempt researchers show how they can leverage it to exploit known weaknesses in some of the communications protocols included in Windows NT LAN Manager, or NTLM, and launch an attack technique known as credential relay. The vulnerability, Preempt CEO Ajit Sancheti added, “can be exploited if the attacker has compromised […]

The post Microsoft patches domain-controller vulnerability impacting all Windows versions appeared first on Cyberscoop.

Microsoft Addresses NTLM Bugs That Facilitate Credential Relay Attacks

Microsoft today addressed two NTLM-related vulnerabilities privately disclosed by Preempt Security. The flaws allow for credential relay attacks.