Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…
Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.
In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.
I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…
BeyondTrust has released version 4.0 of PowerBroker Management Suite, our solution for centralized real-time change auditing for Active Directory, File Servers, Exchange, and SQL, and recovery of Active Directory objects or attributes. This new release features some exciting enhancements – especially a new web console, deeper GPO auditing, and the addition of NetApp auditing.
Windows & IT Security Expert, Russell Smith shows you how to configure Microsoft’s free Local Administrator Password Solution (LAPS) tool to secure local administrator accounts. Organizations often use the same password for local administrator accounts across all devices, leaving them vulnerable to Pass-the-Hash (PtH) attacks, which can result in sensitive domain credentials being exposed. LAPS automates regular changes of local administrator passwords, and securely stores passwords in Active Directory (AD).
As technology users, we choose to share what we share with the world. However, do you know that there is information being collected on some devices that you might not even know about? Unless you read all the terms of service, you likely don’t know.
This blog post is republished with the permission of Network Computing. The increasing range of security information sources can be overwhelming. Brian Chappell, Director of Technical Services for BeyondTrust suggests that analytics may offer assistance.
Paula Januszkiewicz explains and demos the techniques for memory acquisition, secrets to obtaining the juicy data, and how to find someone’s memory dump!
This month’s Patch Tuesday is a bit on the lighter side with only 8 bulletins. In total, 45 distinct vulnerabilities are addressed with over half belonging to Internet Explorer. At the time of release, Microsoft seemed to skip the MS15-058 bulletin, so we’ll be sure to keep an eye out for it.