Attacks/Breaches
2/19/2014
05:37 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CyberArk Launches Enhanced CyberArk DNA to Detect Pass-the-Hash Vulnerabilities

Discovery and Audit Tool to Identify and Map Exposed Password Hashes and Vulnerable Machines on a Network; Free Trial Available for Limited Time

Newton, Mass. – February 19, 2014 – CyberArk, the company securing the heart of the enterprise, today unveiled the latest version of Discovery & Audit (DNA), the first tool on the market to identify and map exposed privileged password hashes and all related vulnerable machines on a network. CyberArk DNA™ is a patent-pending, light-weight, stand alone tool that exposes the magnitude of privileged account security risks by enabling organizations to easily identify and analyze all privileged accounts across their network. CyberArk DNA v4 free trial licenses are currently available to all businesses for a limited time.

RSA Conference 2014
Click here for more articles about the RSA Conference.

Pass-the-Hash attacks represent a significant risk to organizations because they are frequently used as an attack vector in advanced threats. Pass-the-hash attacks capture account logon credentials on one computer and then use those credentials to gain access to other computers on the same network. Attackers use this technique to gain a foothold and harvest hashes to steal access to privileged systems and machines, traveling across the network until reaching their ultimate target – a company’s intellectual property or data.

“Pass-the-Hash attacks have been an attack vector in some of the most spectacular breaches, and they continue to be a major threat to businesses,” said Roy Adar, vice president of product management at CyberArk. “Understanding the extent of the vulnerability is the critical first step in mitigating the risk of pass-the-hash. CyberArk DNA is the only tool on the market designed to identify and visualize an organization’s privileged account risk exposure – being able to simultaneously scan for pass-the-hash vulnerabilities is a natural extension of the security and audit tool.”

Preventing Pass-the-Hash – Privileged Account Security Password hashes serve as an authenticator across a network, making them a priority target for attackers. Hashes on endpoints often include the privileged credentials of a network administrator, or services that perform privileged actions on the endpoint. Attackers who penetrate these endpoints can steal the hashes to escalate their network privileges to help carry out their attack. Because of this, tight control and security of privileged credentials can dramatically reduce a company’s exposure to pass-the-hash attacks.

The first step in addressing pass-the-hash vulnerabilities is to understand the risk landscape in the enterprise. CyberArk DNA v4 is the first tool to identify password hashes, locating all vulnerable machines on a network to provide the most accurate and reliable data about an organization’s exposure. Best practices for protecting against pass-the-hash attacks include:

• Securing administrative access to machines with password masking and aging credentials. This reduces the risk of attackers gaining access to the hashes; • Frequently changing privileged account passwords (CyberArk recommends automating password changes and restricting them to one-time use to ensure tight security standards); • Implementing and enforcing least privileges for all administrators.

The latest release of CyberArk DNA v4, combined with CyberArk’s full portfolio of privileged account security solutions, provides businesses with the most complete solution for protecting against pass-the-hash attacks.

CyberArk DNA v4 is available today. For a free trial of CyberArk DNA or for more information, please visit http://www.cyberark.com/discover-where-your-privileged-accounts.

For more information on how CyberArk protects against pass-the-hash attacks, please visit https://www.cyberark.com/contact/solution-brief-pass-hash.

CyberArk will demonstrate CyberArk DNA in booth #915 in the South Hall at the RSA Conference, February 24 – 28, 2014 in San Francisco.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4807
Published: 2014-11-22
Sterling Order Management in IBM Sterling Selling and Fulfillment Suite 9.3.0 before FP8 allows remote authenticated users to cause a denial of service (CPU consumption) via a '\0' character.

CVE-2014-6183
Published: 2014-11-22
IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before 5.1.1.0 FP8, 5.1.2 before 5.1.2.0 FP9, 5.1.2.1 before FP5, 5.2 before 5.2.0.0 FP5, and 5.3 before 5.3.0.0 FP1 on XGS devices allows remote authenticated users to execute arbitrary commands via unspecified vectors.

CVE-2014-8626
Published: 2014-11-22
Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in PHP before 5.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by including a timezone field in a date, leading to improper XML-RPC encoding...

CVE-2014-8710
Published: 2014-11-22
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.

CVE-2014-8711
Published: 2014-11-22
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?