How do you intend to block lateral movement if an attacker has made it into your network? In looking at recent ransomware attacks there are some consistent attack vectors used for lateral movement that are almost always exploited.

Add the last “S” for security. I remember the old mattress commercials. You left the last “S” of the phone number for savings. In our world, we need to always make sure we have the last “S” for security. In our world, any internet-facing connection simply must use a commercial SSL (i.e. VPN, Secure […]
In today’s school environment, everyone and almost every piece of equipment talks to the internet and runs on your network. Your HVAC system, security cameras, phones, bus cameras and communication, attendance, payroll, and many of your teaching tools are all connected to the internet.
“I am watching you…Always watching” -Roz Monsters Inc. For New Year’s we once again had a holiday crisis. Fortunately, this wasn’t an attack.
“None shall pass” -The Black Knight “Monty Python and the Holy Grail” Today I would like to challenge you to test two aspects of your network backups. Most of you have never done this because you are “too busy putting out fires”. It is summer.
A few years ago, in a Tech Talk I talked about a major college that suffered a complete network lockout due to a soda machine that introduced malware into the network that sought out all the default passwords on their devices and locked out an estimated 5,000 devices that each had to be manually […]
The first line of email defense is a properly formed SPF record. “Papers, Please” Those words denote fear. Some official, authority person (often with a gun and with lots of their co-workers with guns) is asking for identification at a checkpoint.
We always have the Paladin Sentinel Monitoring console up during the day. I am still seeing mass use of the domain administrator account to RDP into servers and lots of daily RDP connections in general. There are legitimate reasons to RDP into servers.
You all may have heard Scott talking about “those ex-NSA guys at Huntress” he talks to. Bob and Scott have been stressing the importance of layers of security for proper cyber defense for many years now. CSI uses Huntress on all Windows machines.
“Treat your password like your toothbrush. Don’t let anyone else use it and change it every six months” -Clifford Stoll Password security is always on our minds. The NYS Comptroller’s Office technology audits love to list this in audit reports as an area that needs improvement.