Year: 2014
Sony Pictures Hacker Attack: Lesson Not Learned
2014 was one of the hardest years in the history of IT security: we became witnesses to dozens of breaches followed by loss of sensitive data, payments, tears and suffering of numerous users. In December, the Internet exploded with the news of the Sony Pictures hack, which took place at the end of November, but … Continued
5 Steps for Protection against Wiper Malware
Significant security threats emerged in 2014. Closing out this epic year with a bang is Destover, aka Wiper. Wiper, as far as security threats go, is significant. Significant enough that the FBI quietly sent a memo to businesses and government agencies advising vigilance against Wiper-based attacks. In this post I’ll provide five clear steps … Continued
Ten Simple Ways to Prevent Security Breaches in Windows Server 2012
Windows Server is one of the most commonly deployed critical systems in the organization. Most of the applications used in the organization are also Windows based, plus there are other legacy applications built on these Windows platforms. Since these servers are used the most, they need to be configured with tight security. The latest ones, … Continued
10 Things to Consider for a Cyber Incident Plan
We go out, we buy antivirus protection, we buy firewalls, we jump through hoops to keep bad things from happening. And when they do, we find ourselves trying to sort out what to do next. That’s the wrong time to be trying to figure that out. You need to have a plan, and in this … Continued
Security Predictions 2015: New Challenges of Risk Mitigation
Michael Fimin, CEO of Netwrix Corporation, shared his thoughts and made a top list of security trends that will drive Information Technology in 2015. Information technology is constantly evolving, taking in more and more aspects of our personal and professional lives. As the complexity and diversity of devices, platforms, and modes of technological interaction advance, so … Continued
Regin: New Sophistication in Advanced Persistent Security Threats
At the end of November, three major antivirus vendors released details about what they deemed the most sophisticated virus ever discovered. But to call Regin a virus is somewhat underestimating its capabilities. Such is its sophistication, it would be more appropriate to refer to it as a compromise platform that allows its authors, probably backed by one … Continued
Detecting a Security Threat in Event Logs
When Windows Server has issues, the first place we go is the event logs. We want to know what was going on when the trouble began, what applications were running and might have caused it, etc. We are masters at figuring this stuff out. Now take the same event logs and try to sort … Continued
Ten Simple Ways to Prevent Security Breaches in Windows File Server 2012
A file server is the central location in any network, containing all kinds of information that is saved and shared by users within the organization. There is no restriction on the type of information used and shared. Since it is one of the places users in the organization reach out to most often, the file server … Continued
How to Steal a Virtual Machine in Three Easy Steps
This last week, a thread in Spiceworks discussed a rogue sys admin that had come back to haunt this company. I read through the different threads and one in particular jumped out at me: “You people sound like a bunch of cops. Don’t you trust anyone? In order to trust someone, you must be trustworthy yourself.” … Continued
Backoff Malware: “Unsophisticated” But Effective
Look, I’m not trying to scare you, although I don’t think it’s a bad idea to be a little scared about the current threat level from data breaches. The Backoff malware that’s suspected to be behind most of the big headline breaches over the past year is generally described as not very sophisticated—yet criminals have … Continued
How to Detect Changes to Organizational Units and Groups in Active Directory
Accidental or malicious changes to Organizational Units (OU) and groups in Active Directory almost inevitably lead to trouble for IT departments. Here are some of the most common examples: if an OU that contains “User Accounts” is deleted, users will not be able to log in or will experience difficulty accessing IT services such as e-mail, … Continued
Ten Simple Ways to Prevent Security Breaches in Microsoft Exchange 2010
Exchange data is the heart of any enterprise and is considered to be a critical business application, because it is used for record keeping and as a low-cost communication solution. Today, e-mails are not just accessible from the workstation within the corporate network; they can also be accessed from remote computers or mobile devices. This … Continued
Can SIEM Solutions Be Effectively Used for Change Auditing?
This should be no revelation to IT professionals: you have to regularly monitor changes occurring in your network, mainly for two reasons. The first one is this: continuous monitoring will take the pain out of meeting compliance requirements and surviving auditors’ visits. The second reason to implement a solution that keeps track of the changes … Continued
Unauthorized Software Installation on Windows Server – Who? What? When?
Suspicious software on your Windows Server may be the result of an unauthorized installation by your own employee or originate from a hacker attack. Any suspicious software can potentially cause leakage of sensitive data, not to mention server performance slowdown or infringement of compliance policies. That is why it is vital to be aware of … Continued
Shellshock Survival Guide
In the past few months you might have heard news of cyber-attacks resulting in security breaches almost on a daily basis. HIPAA and PCI compliance violations, hacker intrusions and internal negligence were the top reasons for that. Probably, the most violent and massive of recent breaches was the Shellshock (Bashdoor) vulnerability. It has hit most … Continued
Ten Simple Ways to Prevent Security Breaches in Active Directory
Any IT organization is liable to security threats; however, they can be prevented if appropriate policies, processes and controls are implemented. “Better safe than sorry” applies to this situation perfectly. It is better to secure your infrastructure from being compromised than to count losses after a leakage. Active Directory is at risk in many different ways: … Continued
How to Detect User Account Changes in Active Directory
Tracking user account changes in Active Directory is important primarily for compliance and security reasons, and also for operational efficiency. Inactive user accounts or a large number of new accounts with extended permissions, disabled or suspiciously modified user accounts – all these issues may impact productivity and network security, not to mention that this … Continued
Shellshock Demands a Managed Response
Shellshock is the latest and possibly most significant IT security vulnerability identified by researchers. I imagine that by now most IT pros have heard of this threat. In a year of unprecedented security events, some may be “tuning out” security. If ever there was an IT vulnerability to not minimize, it’s Shellshock. Heartbleed, a massive … Continued
Understanding the Mailbox Move Request in Exchange 2010
A Mailbox Move Request is the process of moving a mailbox from its source mailbox database to a target mailbox database. The target mailbox database can be on the same server, on a different server, or even in a different domain/forest. Mailboxes are moved for various reasons like transitioning to the new environment or investigating … Continued
Exploring Exchange 2010 Role Requirements Calculator – DAG Scripts
Microsoft Exchange 2010 Role Requirements Calculator is the de facto tool for calculating and designing an Exchange 2010 solution for the production environment. It’s a Microsoft best practice tool created in Excel for easy use and distribution, and it can be downloaded from Microsoft TechNet Gallery. The administrator has to key in all the necessary design … Continued
5 Reasons to Reassess Your IT Security Strategy
If you’ve been in the IT field for a while, you know that one thing you can depend on is that you can’t depend on anything to stay the same. Technology is always advancing, trends are always changing, and you’re often left scrambling to keep up. Nowhere is this more true than in the security … Continued