Infrastructure as Code assessment with Terraform https://ift.tt/2I2TqbT Security is of utmost importance for any piece of code or infrastructure The traditional security approach was based on a ticketing system to provision a piece of infrastructure. This method worked well in smaller settings where companies managed small infrastructures with minimum turnover. This was true in the […]
Quick Guide — How to Troubleshoot Active Directory Account Lockouts https://ift.tt/2VfLCqj Active Directory account lockouts can be hugely problematic for organizations. There have been documented instances of attackers leveraging the account lockout feature in a type of denial of service attack. By intentionally entering numerous bad passwords, attackers can theoretically lock all of the users […]
CVE-2020-27125, CVE-2020-27130, CVE-2020-27131: Pre-Authentication Vulnerabilities in Cisco Security Manager Disclosed https://ift.tt/32SZds4 Following the publication of proof-of-concept (PoC) code, Cisco released three advisories for multiple vulnerabilities silently patched in a recent update. Organizations should apply these patches immediately. Background On November 16, Cisco published advisories for three vulnerabilities in Cisco Security Manager, a tool to monitor […]
CVE-2020-1472: Advanced Persistent Threat Actors Use Zerologon Vulnerability In Exploit Chain with Unpatched Vulnerabilities https://ift.tt/3jSjUed U.S. Government agencies issue joint cybersecurity advisory cautioning that advanced threat groups are chaining vulnerabilities together to gain entry into government networks and elevate privileges. Background On October 9, the Cybersecurity Infrastructure Security Agency (CISA) and the Federal Bureau of […]
Best practices for defending Azure Virtual Machines https://ift.tt/3jGLr1R One of the things that our Detection and Response Team (DART) and Customer Service and Support (CSS) security teams see frequently during investigation of customer incidents are attacks on virtual machines from the internet. This is one area in the cloud security shared responsibility model where customer […]
Microsoft Zero Trust deployment guide for your applications https://ift.tt/2QIxhAN Introduction More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from anywhere in the world. IT admins, […]
How do I implement a Zero Trust security model for my Microsoft remote workforce? https://ift.tt/34oKQNI Digital empathy should guide your Zero Trust implementation Zero Trust has always been key to maintaining business continuity. And now, it’s become even more important during the COVID-19 pandemic to helping enable the largest remote workforce in history. While organizations […]
Five regular checks for SMBs https://ift.tt/2CPFsaQ It is not always economically viable for small and medium-size businesses to maintain a dedicated IT security team, so it often happens that one person is in charge of monitoring the entire infrastructure. Sometimes he or she is not even a permanent, full-time employee. Sure, a good administrator can […]
QSnatch Data-Stealing Malware Infected Over 62,000 QNAP NAS Devices https://ift.tt/3jTf3tJ Cybersecurity agencies in the US and UK yesterday issued a joint advisory about a massive ongoing malware threat infecting Taiwanese company QNAP’s network-attached storage (NAS) appliances. Called QSnatch (or Derek), the data-stealing malware is said to have compromised 62,000 devices since reports emerged last October, […]
CVE-2020-1350: Vulnerability in Windows DNS servers https://ift.tt/30ihdtA Microsoft has reported the vulnerability CVE-2020-1350 in Windows DNS server. Bad news: The vulnerability scored 10 on the CVSS scale, which means it’s critical. Good news: Cybercriminals can exploit it only if the system is running in DNS server mode; in other words, the number of potentially vulnerable […]
Stack IT News 