10-D Security


About 10-D Security

So far 10-D Security has created 10 blog entries.

Browser Password Storage Thoughts – WST

2020-10-01T21:14:16+00:00

October 1, 2020 Browser Password Storage Thoughts - WST

There is some risk when allowing a user’s browser to remember passwords. If a bad actor gets access to a machine, they could possibly leverage the passwords stored in the browser to increase access and move to other systems. It should be noted that there are numerous other ways they can do the same, so blocking browsers from remembering passwords is simply a layer in your overall controls. All browser vendors allow you to block password storage via Active Directory Group Policy, and a Google search for “browser [...]


IT Asset Management – WST

2020-09-17T20:44:18+00:00

September 17, 2020 IT Asset Management - Secure your environment and save money too! - WST

Do you keep an accurate and up-to-date inventory of your IT assets? If not, you may be wasting money and decreasing your overall IT security posture. One of the most important aspects of managing your IT environment is knowing what you have. Inventory all IT assets: desktops, servers, printers, network-attached cameras, routers, switches, firewalls – if it plugs into the network, inventory it. Use this list to make sure all assets are included in the controls you have in place, such as [...]


Increase in Cybercrime During COVID-19 – WST

2020-09-17T20:04:01+00:00

September 3, 2020 Increase in Cybercrime During COVID-19 - WST

As the pandemic continues to rage on, we’ve discovered some of the hardest working people during this time are fraudsters and scammers who never seem to be impacted by high unemployment rates. According to a recent FinCEN Advisory (https://www.fincen.gov/sites/default/files/advisory/2020-07-30/FinCEN Advisory Covid Cybercrime 508 FINAL.pdf) cybercriminals and malicious state actors are setting their sights on financial institutions and their customers by enabling more malware and phishing schemes, extortion, business email compromise (BEC) fraud, and exploitation of remote applications. Targeting and Exploitation of Remote [...]


OneDrive and Vulnerability Scans – WST

2020-09-03T22:02:13+00:00

August 27, 2020 Don't Let OneDrive Mess up your Vulnerability Scan! - WST

Recently, many of our clients have had significant increases in the number of vulnerabilities found during their Internal Vulnerability Scans. One of the primary reasons for this is Microsoft OneDrive, and the way it installs on workstations by default. The way most environments install OneDrive, the application will install to the user’s local AppData folder (%localappdata%). While convenient, this means that each user basically installs their own copy of OneDrive, leading to multiple instances of the application on each system. The problem becomes evident [...]


Admin Privileges – WST

2020-09-03T21:56:58+00:00

August 13, 2020 Admin Privileges - WST

Are your employees using administrator-level accounts for general daily activities? If so, your institution is quite vulnerable to malware and other targeted attacks. No daily user accounts should ever have administrative rights to their local workstations. Full stop. You may have software that a vendor says “needs admin rights to work,” but the simple fact is that there are so many workarounds for this problem in modern operating systems that there just isn’t any excuse anymore. It should also be noted that Microsoft has considered requiring users have local administrative [...]


Don’t Suffer from Alert Fatigue-WST

2020-09-03T21:52:15+00:00

August 20, 2020 Don’t Suffer from Alert Fatigue - WST

We live in a busy and often stressful world. With most of us carrying around at least one always-connected device, we are constantly bombarded with notifications, reminders, and pop-ups from apps trying to get our attention. It can quickly become overwhelming, resulting in us either quickly dismissing notifications without looking twice, or just ignoring them completely until we get in and clear them out. For those poor souls out there responsible for maintaining or securing servers and networks, you have even more alerts to watch and worry [...]


DMZ-WST

2020-08-07T14:52:47+00:00

August 6, 2020 DMZ (Demilitarized Zone) - WST

Much like the contested area that separates two foreign powers that do not trust each other, a network DMZ is a place where you stick things you don’t fully trust - like public-facing servers, or even your service providers. Yes, you have properly vetted them as part of your vendor management program, but depending on the relationship, you do not necessarily trust them with your institution’s network or all of your data. For example, why would you want someone at your ATM service provider to have full access to [...]


Adobe Flash is almost done

2020-07-28T16:42:41+00:00

July 23, 2020 Adobe Flash is almost done - time to purge! - WST

Adobe will stop distributing and updating Flash Player after December 31, 2020. We shouldn’t be surprised by this news; Adobe gave us three years’ notice, and browsers have been yelling at us forever that Flash is nearing end of support and has been disabled by default. There’s been little need to download and install Flash for a long time, as Microsoft built it into Internet Explorer and Edge for years, and Google Chrome and Mozilla Firefox have as well. Microsoft states that “Flash will [...]


50 Shades of Administration – Managing Domain Admin Privileges

2019-10-22T20:50:32+00:00

50 Shades of Administration

During our work, both our auditors and engineers have noticed a common issue among our clients, large and small: overly permissive administration accounts. Many times, we see all IT users given a Domain Admin account, from the greenest helpdesk tech to the person overseeing the network. Microsoft’s Active Directory has a couple of different ways to grant rights to a user, group, or organizational unit, allowing the target to perform certain tasks without giving them the keys to the kingdom. Here are just a couple of simple examples. In the Springfield.local domain, Lisa Simpson [...]


Memory Acquisition Tools

2020-09-17T21:33:14+00:00

Memory Acquisition Tools

Combating today’s advanced malware requires skill and an advanced toolset. The most common incident response procedure that we see in smaller organizations is to identify infected machines and simply run malware scanners (Malwarebytes, Spybot, etc.) until the scan comes back clean. This “scan until clean” mindset often results in repeated infections and gives the organization a false sense of security. Malware scanners suffer from the same weakness as standard antivirus programs: they are signature-based and can only discover malware that has already been found and reported. And yes, if you [...]
