Office 365 migrations can open the door to unforeseen cybersecurity risks. One aspect that is often overlooked is the security risks when PST files are left behind in a migration project. In this article, we'll dive into what the risks are and the importance…
In my first post in this series, I explained what Active Directory is and what it’s used for. In the next post, we explored Active Directory management. Now let’s dig into Active Directory security and compliance. What do you need to do to…
Data is a critical asset of every organization, and poorly-secured databases are too often to blame for security breaches. This article details SQL server security best practices, as well as essential security considerations for protecting your databases…
Microsoft service accounts are a critical part of any Windows ecosystem because they are used to run essential services and applications, from web servers to mail transport agents to databases. But all too often, they are not used and managed properly…
“Microsoft continues to see multiple actors taking advantage of unpatched systems to attack organizations with an on-premises Exchange Server.” March 8th, 2021. Microsoft Threat Intelligence Center (MSTIC).
By now you’ve all heard the …
Psst! Want to know a great way to spread ransomware across a corporate network? Compromise the organization’s Group Policy.
Want to know a great way to cripple an organization’s defenses against data theft? Compromise Group Policy.
In fact…
Security has become a top concern for organizations around the world. And as content continues to move into the cloud, organizations are doubling down on how they can ensure the safety of their sensitive and personal information.
Why? If we look at the…
Just how critical is Group Policy?
Well, what might happen if your lockout policy got changed and hackers were allowed unlimited attempts to guess a user’s password? What if the predefined bookmarks on all your users’ machines were redirected to malicious…
Group Policy is a critical element of any Microsoft Active Directory (AD) environment. But exactly what is it and how does it work? How can attackers compromise it, and how can you defend yourself? Here are all the essential things you need to know.
…
KRBTGT is an account used for Microsoft’s implementation of Kerberos, the default Microsoft Windows authentication protocol. Understanding the ins and outs of KRBTGT accounts can mean the difference between having a secure, compliant network and opening…
Microsoft Teams security is a hot topic. Four reasons are making this a top priority:
A few posts back, I revealed my eight predictions for 2021. Since then, I’ve dived into the details of the first five:
Let’s continue stepping through my eight predictions for 2021! So far, we’ve covered why ransomware victims will face penalties, how your digital reputation will come under attack and why Zerologon will continue to cause pain for IT pros.
…
Let’s continue stepping through my eight predictions for 2021! So far, we’ve been talking mainly about attacks like ransomware and digital reputation attacks. Today, we’re going to switch it up by discussing not an attack to defend against…
Welcome back to my in-depth discussions of my eight predictions for 2021! I hope you found the dive into my first prediction on ransomware helpful. Today, we’re going to tackle prediction #2: Forget headline-making data breaches and DoS attacks;…
The first of my eight predictions for 2021 was that ransomware victim organizations will face government lawsuits. Indeed, as I noted in my previous post, authorities like the U.S. Department of the Treasury (USDT) have already announced they will file…
Elastic stack demonstrated itself as a leader for open source big data analysis, data collection, and visualization products. The stack which is usually abbreviated with ELK contains the following components
Quest InTrust is a very powerful log management framework which also contains a lot of possible ways to notify about triggered alerts:
It is well known for anyone who tried to run a VM in the cloud that RDP port if left opened will be attacked with massive waves of brute-force attempts from IPs all around the world.
I run a detection lab in Azure and at some point, it just started to…
As mentioned in an earlier post, COVID-19 phishing and malware campaigns are on the rise. Cyber criminals are exploiting the opportunity of today’s chaos:
VPN. VPN. VPN. This pushed-aside and closely guarded technology has suddenly seen a resurgence during the COVID-19 work-from-home directives; but instead of just your executives receiving access, IT organizations are opening up access to all remote employees…
In recently released Update 1 for InTrust 11.4.1 there is a hidden gem – Suspicious process was started rule, it allows detection of hidden steps that ransomware and malware would do to achieve persistence, hide their tracks and disable protection…
![Your Ticket to the IT Dance: The Endpoint Compliance Two-Step [New Paper]](https://www.quest.com/community/cfs-filesystemfile/__key/communityserver-components-secureimagefileviewer/communityserver-blogs-components-weblogfiles-00-00-00-00-38/pex_2D00_abstract_2D00_art_2D00_blur_2D00_bright_2D00_373543_5F00_1100x500.jpg_2D00_100x100x2.jpg?_=637169439777261444)
Who says IT administrators can’t dance? It turns out that IT asset management and compliance boils down to a two-step, which almost anybody can do.
Sure, there’s a difference in style between the quick-quick-slow-slow of country and the left-come…
Something really cool about honeypots and deception technology, in general, is that you can see a hacker or a penetration tester in action with very little false positive notifications. Deception also can help with detecting yet unknown threats that cannot…
The meteoric rise of Microsoft Teams, and the apps users freely downloading into it, will create more access vulnerabilities for your network. In part 3 of a 7 part series diving in-depth in to my 2020 predictions (see all 7 predictions here ), we’ll…
