Compromised Contractor Credential Leads to Largest Cyberattack into the Systems of the US Government
The damage from the US federal government’s Office of Personnel Management data breach is only getting worse. First disclosed last month and affecting 4.2 million US federal employees, the number of compromised records now has reached 21.5 million people, including those who received government background checks for the past 15 years.
This morning The OpenSSL team released a security advisory stating that the latest versions of OpenSSL contain a severe vulnerability which can allow an attacker to bypass certain certificate validation checks, enabling them to issue an invalid certificate.
On demand webinar Webinar discusses the changing state of industry security, how current trends impact privileged accounts and their passwords, and what steps IT should be taking to ensure only those who should have access, do.
Webinar discussing the realities of today’s state of security using some of the most recent (and respected) reports in the industry, and look at what steps you should be taking to properly protect your privileged passwords.
Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…
Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.
In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.
I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…
BeyondTrust has released version 4.0 of PowerBroker Management Suite, our solution for centralized real-time change auditing for Active Directory, File Servers, Exchange, and SQL, and recovery of Active Directory objects or attributes. This new release features some exciting enhancements – especially a new web console, deeper GPO auditing, and the addition of NetApp auditing.
Windows & IT Security Expert, Russell Smith shows you how to configure Microsoft’s free Local Administrator Password Solution (LAPS) tool to secure local administrator accounts. Organizations often use the same password for local administrator accounts across all devices, leaving them vulnerable to Pass-the-Hash (PtH) attacks, which can result in sensitive domain credentials being exposed. LAPS automates regular changes of local administrator passwords, and securely stores passwords in Active Directory (AD).