Security News

Security News2018-05-30T15:32:31+00:00
1005, 2018

GDPR is coming… but what does it mean, and why should I care?

By |May 10th, 2018|Categories: Information Security News|Tags: , , , |

GDPR is coming… but what does it mean, and why should I care? If your organization hasn’t heard these four letters by now, it may not be time to panic - but it is time to learn what they mean and if they could impact organization.  Below is a brief overview intended to get you familiar with this new international regulation and hopefully answer some of the basic questions. [...]

2604, 2018

50 Shades of Administration – Managing Domain Admin Privileges

By |April 26th, 2018|Categories: Information Security News|

50 Shades of Administration During our work, both our auditors and engineers have noticed a common issue our clients large and small have – overly permissive administration accounts.  Many times, we see all IT users given a Domain Admin account, from the greenest helpdesk tech, to the person overseeing the network.  Microsoft’s Active Directory has a couple of different ways to grant rights to a user, group, or organizational [...]

2203, 2018

New Easy Password Standards? Not so Fast!

By |March 22nd, 2018|Categories: Information Security News|

Passwords… it's no secret; most of us are really bad at creating and maintaining passwords. In fact, 81% of hacking related breaches leveraged either stolen or weak passwords. But unfortunately, passwords won't go away any time soon. Almost every resource, application, web site, and the like requires some form of username and password. Because of this, it's no surprise that almost all of us struggle to follow recommended password [...]

803, 2018

Mimikatz – How it is Used to Exploit your Network

By |March 8th, 2018|Categories: Information Security News|

Bad Kitty How Mimikatz is used to exploit your network and what you can do about it. For this blog post I wanted to highlight a common attack vector that we often use in our penetration testing. My goal is to run through the process at a high level, and then cover some of the steps you can take to mitigate your risk. Specifically, this post will cover a [...]

2202, 2018

Saying Goodbye to NetBIOS

By |February 22nd, 2018|Categories: Information Security News|

NetBIOS (Network Basic Input/Output System) was created in the early 1980's, but is surprisingly still alive and well on many networks today. Microsoft Windows still uses it for its name resolution function (often by default), when DNS is not available. Network resiliency and access to resources is a good thing, but keeping NetBIOS enabled for that reason, is not. There are many security concerns with NetBIOS; and disabling its [...]

2812, 2017

5 Top Laptop Security Tips

By |December 28th, 2017|Categories: Information Security News|

Today's mobile workforce has generated the awareness and subsequent need for mobile security like never before. As data growth increases, the requirements set forth in new laws and regulations also demand that organizations demonstrate due-care in protecting sensitive customer data. Meanwhile, the ever-increasing amount of sensitive data continues to find its way onto laptops and adds additional threats to these devices. Because of these threats, organizations should follow a [...]

Load More Posts

“Glad I took the advice of others on FS-ISAC and went with 10-D. The service was great, as were the reports.”

— CM $4.1B FI in Northeast

Keep your institution off the evening news. Contact us today!

Contact Us Now