msmith@10dsecurity.com

/Mike Smith

About Mike Smith

This author has not yet filled in any details.
So far Mike Smith has created 3 blog entries.

The Inconvenience of Convenience – WST

2019-06-06T17:49:07+00:00

June 6, 2019 The Inconvenience of Convenience- WST This week’s security tip reminds us that convenience can be fraught with pitfalls.  And that the software and hardware that we so readily rely upon as a society in general, is by no means perfect.  Because it’s designed and manufactured by the most imperfect thing in existence.  Us. Researchers at Waseda University, Japan, recently published a report on the exploitation of near field communication technology provided with most smartphones sold today.  You may recognize NFC technology as being used for everything from device-to-device data transfer, to electronic payments ala [...]

The Inconvenience of Convenience – WST2019-06-06T17:49:07+00:00

Is it worth your reputation? – WST

2019-05-16T18:06:42+00:00

May 16, 2019 Is it worth your reputation? - WST At 10-D Security we see a fair number of organizations where the Risk and Vendor Management programs aren’t understood or don’t get the attention they deserve.  Combine those issues with weak BCP or incident response plans and training, and you have conditions for a perfect storm.  The whole point of these controls is to help the institution prepare for the day when things just go bad. Sometimes the guidance provided by regulators seems like mindless oversight and busy work to comply with regulations, but these areas of [...]

Is it worth your reputation? – WST2019-05-16T18:06:42+00:00

Local Administrator Password Solution (LAPS) – WST

2019-04-18T18:09:08+00:00

March 21, 2019 Local Administrator Password Solution (LAPS) - WST LAPS Local Administrator Password Solution (LAPS) addresses the basic issue where the same local administrator accounts are used on all hosts throughout the organization, leaving them susceptible for “Pass-the-Hash” and credential re-use attacks. LAPS does this by leveraging a combination of an application installed on a Domain Controller, Active Directory (AD) Templates, and PowerShell modules. The LAPS password is stored as the ms-Mcs-ADMPwd AD attribute and associated with a domain computer.  LAPS credentials are also passed using Kerberos encryption by default. Additional benefits include automated password rotation [...]

Local Administrator Password Solution (LAPS) – WST2019-04-18T18:09:08+00:00