It seems like Cyber Attacks are happening everywhere these days. Whether it’s a national news report of an attack against a company that has your credit card information or local news reporting a school district like yours that’s been hit with a ransomware/data breach, these stories are plentiful.
Microsoft has tried hard to increase awareness of “pass the hash” attacks. They have been patching, but the threats keep coming. Back in April Microsoft released something quite awesome – their next-generation Local Administrator Password Solution (LAPS). Quite simply LAPS allows you to automatically rotate the password for a designated “local administrator” account on endpoints.
‘Those who cannot remember the past are condemned to repeat it’ -George Santayana From his work; Life of Reason, Reason in Common Sense 1905 You have so many tasks you “must do” to keep your district safe.
I learned to drive “on the wrong side of the road” on a Monday morning in downtown London. I hit my first object in about 50 feet when I ran over the cross beam of a crowd fence and it bounced up and tapped my car. It was scary, but I eventually got to the […]
Late in the afternoon on a Friday, I created a bit of a scare for those of you who are part of our Paladin Sentinel monitoring system. I was doing my due diligence removing a monitoring policy we experimented with after our last major system upgrade, but didn’t provide any value to us or you.
We have a new technology coming online with all the popular web browsers. It is called DNS over HTTPS or DoH. The concept is instead of using your internal DNS to resolve web pages, the web browser goes back to an external DNS site to resolve the page.
We all understand the scourge of Ransomware. It is debilitating. Even in the best case, it consumes a huge amount of time to recover. However, now the bad guys are getting even more nasty. They want their money. If you decide you can recover or don’t care, they get nothing.
We always have the Paladin Sentinel Monitoring console up during the day. I am still seeing mass use of the domain administrator account to RDP into servers and lots of daily RDP connections in general. There are legitimate reasons to RDP into servers.
You all may have heard Scott talking about “those ex-NSA guys at Huntress” he talks to. Bob and Scott have been stressing the importance of layers of security for proper cyber defense for many years now. CSI uses Huntress on all Windows machines.
“Treat your password like your toothbrush. Don’t let anyone else use it and change it every six months” -Clifford Stoll Password security is always on our minds. The NYS Comptroller’s Office technology audits love to list this in audit reports as an area that needs improvement.