Security

10 posts

Cluster, Server, and Client Must Do for Troubleshooting: Enable Windows Firewall Logging

When we set up a greenfield Active Directory Forest and Domain we do the following in Group Policy: New Group Policy Object (GPO) Linked & Enforced at the domain Level: Default Domain Security Policy Enable Remote Desktop Inbound: Allow users to connect remotely by using Remote Desktop Enable the Windows […]

Not so Tasty Christmas Fish: Intelcom Courier – Schedule Delivery with Fee

It’s pretty obvious that we’re in the height of the Christmas purchasing season. So, when something like this shows up in the Inbox if one isn’t thinking, one clicks and pays. Right? Well, in this case the Scrooge McDuck won out over paying the “fee” so a search of Intelcom’s […]

Azure Cloud Witness: Azure Advisor Security Warning for HTTP Storage Connections?

We’ve taken to deploying a Cloud Witness for almost all of our Windows Server based clusters whether Hyper-V, Storage Spaces Direct (S2D), or Scale-Out File Server. When logging on to the Azure Portal this morning we were prompted to check out a number of different areas by the Azure Advisor. […]

2020-01-14 Remote Desktop Gateway Vulnerability: PATCH. NOW!

As the subject says, there is basically an open door in the way RD Gateway handles incoming packets. Whether it is being exploited in the wild as of this writing is questionable. That being said, this is a bad one folks. Get those RD Gateway servers patched up. Oh, and […]

SMB & SME IT Pro Ransomware Protection Guidance

The following is a list of things we can do to help protect our client’s networks from a Ransomware Attack or recover from one if someone does end up doing something they should not have. Train users to not click ENABLE MACROs. Image Credit: https://www.malware-traffic-analysis.net Remember, those little EXTERNAL flags […]

Data Leak: 1.2B Unique People’s Worth

This news is more than disappointing: Personal and Social information of 1.2 billion people Discovered in Massive Data Leak The old cliché: Ignorance is Bliss Anyone else out there not know what “Data Enrichment” is and that there are companies out there that do this and then sell that information? […]

Remote Desktop Services Vulnerabilities: Now what?

There have been a number of vulnerabilities published for the Remote Desktop Services protocol stack over the last little while. The catch with all of them is to have a RDP listener open to the Internet on any port with Network Level Authentication disabled or not available as it was […]

IMPORTANT: SonicWALL Vulnerability Patch for Remote Management

We don’t receive a lot of these kinds of messages from SonicWALL so when it came in it was treated with much suspicion. The message can be found here: SonicWALL Security Advisory Announcement Below is a quote with all of the tracking stuff removed from the URLs. July 19, 2019A […]

Security: Client E-mail Warning for Current Malware Campaigns

The first place in any “security strategy” should be to train the human. Most malware infections today are caused by a user clicking through when they should not have. The posters below give a very clear set of workflows for an infection. Excellent posters via MALWARE-TRAFFIC-ANALYSIS.NET Note the STEP IN […]