Enzoic for Active Directory Lite
A quick password auditing tool that pinpoints which user accounts in Active Directory have weak or compromised passwords. Download and go for free. https://ift.tt/3nADOLK
Tag: Security
Cloudflare customers on Free plans can now also get real-time DDoS alerts
Cloudflare customers on Free plans can now also get real-time DDoS alerts https://ift.tt/3rrUNUh We’re excited to announce that customers using our Free plan can now get real-time alerts about HTTP DDoS attacks that were automatically detected and mitigated by Cloudflare. The real-time DDoS alerts were originally announced over a year ago but were made available […]
Check your SPF records: Wide IP ranges undo email security and make for tasty phishes
Check your SPF records: Wide IP ranges undo email security and make for tasty phishes https://ift.tt/3Fjy5mc Image: Can I Phish/Sebastian Salla You’ve done the right thing by your organisation and made sure that DMARC and SPF (sender policy framework) records are set in an effort to reduce email spoofing, but all that good work could […]
Wireshark creator joins Sysdig to extend it to cloud security
Wireshark creator joins Sysdig to extend it to cloud security https://ift.tt/3FpM61V If you’re a real network administrator, you know and love open source Wireshark. For over 15-years, it’s been the tool that professionals use for network traffic protocol analysis. Nothing else even comes close. Now, Sysdig, the container and cloud security company, has hired Gerald […]
Emergency Windows Server update fixes Remote Desktop issues
Emergency Windows Server update fixes Remote Desktop issues https://ift.tt/3eSJ2AA Microsoft has released an emergency out-of-band update to address a Windows Server bug leading to Remote Desktop connection and performance issues. “Microsoft is releasing Out-of-band (OOB) updates today, January 4, 2022, to resolve issues in which Windows Server might experience a black screen, slow sign in, […]
Threat actors target HPE iLO hardware with rootkit attack
Threat actors target HPE iLO hardware with rootkit attack https://ift.tt/3eQHDKO Experts have uncovered a new rootkit malware package that targets a low-level remote management component in Hewlett Packard Enterprise servers. Researchers with cybersecurity vendor Amnpardaz Soft say that the malware, dubbed Implant.Arm.ilobleed, specifically targets the firmware level of HPE technology known as iLO, or Integrated […]
Windows security baselines guide – Windows security
Learn how to use Windows security baselines in your organization. Specific to Windows 10, Windows Server 2016, and Office 2016. https://ift.tt/342Y1pg
Multiple Apache Vulnerabilities fixed in 2.4.52
Multiple Apache Vulnerabilities fixed in 2.4.52 https://ift.tt/3myVxFB The Apache project released an advisory, describing the following vulnerabilities:1) CVE-2021-44790A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft […]
Security firm Blumira discovers major new Log4j attack vector
Security firm Blumira discovers major new Log4j attack vector https://ift.tt/3GVGL3k It doesn’t rain, but it pours. Previously, one assumption about the 10 out of 10 Log4j security vulnerability was that it was limited to exposed vulnerable servers. We were wrong. The security company Blumira claims to have found a new, exciting Log4j attack vector. You […]
Check your patches – public exploit now out for critical Exchange bug
Check your patches – public exploit now out for critical Exchange bug https://ift.tt/3cGzgAr It was a zero-day bug until Patch Tuesday, now there’s an anyone-can-use-it exploit. Don’t be the one who hasn’t patched. Security via Naked Security https://ift.tt/1pHdTOi November 23, 2021 at 02:41PM Paul Ducklin
Stack IT News 