The recently discovered Windows zero-day vulnerability continues to make news as threat actors across the globe are relentless in their efforts to exploit it. The vulnerability, dubbed Follina, can be exploited when the Microsoft Support Diagnostic Tool (MSDT) is called …
ADAudit Plus’ year in review
2021 has been a feature-packed year for ADAudit Plus. Having rolled out an array of new auditing capabilities, features, and enhancements, ADAudit Plus has continued to make it easier for you to gain visibility and control over your Active Directory …
What causes repeated account lockouts and how to resolve them
A stringent account lockout policy is vital to derail password guessing and brute-force attacks but it also runs the risk of locking out legitimate users costing businesses valuable time, money, and effort.
With password reset requests accounting for almost 30% …
Windows logon auditing: Everything you need to know in only 10 minutes [Free e-book]
User logon activity needs to be audited to meet various security, operational, and compliance requirements of an IT environment, such as:
-
Detecting suspicious activities like a high volume of logon failures.
-
Tracking the active and idle time spent by users
The LLMNR/NBT-NS strike
Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two protocols that are used to identify a host address on a network when the DNS name resolution, which is the conventional method, fails to do so.
When a …
The Windows LDAP bind security vulnerability you should know about
The Lightweight Directory Access Protocol (LDAP) is used by directory clients to access data held by directory servers. Clients and applications authenticate with Windows Active Directory (AD) using LDAP bind operations.
There are different kinds of LDAP bind operations, including:…
IT security: Keep calm and monitor PowerShell
In our last release of the PowerShell security series, we talked about how PowerShell could be leveraged by malicious actors to gain unprecedented access to your organization’s critical assets. From enumerating sensitive domain information and carrying out credential-based attacks to …
Is your business PCI DSS compliant?
How Chooseus Life Insurance lost its customers’ cardholder details and their trust
In August 2019, reporters began flocking to Chooseus Life Insurance’s head office in Detroit after news leaked that thousands of the company’s customers had lost money due to …
NTLM vulnerabilities that make you susceptible to relay attacks
In June 2019, Microsoft released patches for two critical vulnerabilities that were discovered in its NT LAN Manager (NTLM) protocol suite affecting all versions. These vulnerabilities let attackers execute malicious code on any Windows machine remotely, or even authenticate to …