Blog

  • LDAP Authentication and Security – Signing, Binding and Configuration

    Lightweight Directory Access Process (LDAP) is a user authentication process developed for directory services. This protocol is usually used by applications for searching resource information such as users and different system

  • Ensure ‘Audit Kerberos Service Ticket Operations’ is set to ‘Success and Failure’

    Kerberos is an authentication protocol designed for enhanced security. The Kerberos authentication protocol is designed with a ticket-granting mechanism. As part of the Kerberos authentication mechanism, an Authentication Server is granting a Ticket

  • NTLM v1 and v2 vs Kerberos

    Kerberos, NTLMv1, and NTLMv2 are three authentication protocols. These protocols aim to enhance security, especially in the Active Directory environment. Authentication protocols are popular attack vectors. They can help attackers gain

  • Kerberos Tickets and Authentication in Active Directory

    Kerberos is an authentication protocol. It is designed for client-server applications and requires mutual verification. Kerberos is the default protocol used when logging into a Windows machine that is part

  • Ensure ‘Create Symbolic Link’ in Windows is set to ‘Administrators’ (DC only) – The Policy Expert

    This Policy Expert post will discuss the recommended setting for Symbolic Links on your servers, since as useful as they are, Symbolic Links can also be used maliciously to gain

  • 23 NYCRR Part 500 Compliance Checklist

    Lately, we have been approached by many insurance companies located in the state of New York asking for assistance with the 23 NYCRR Part 500 regulation compliance. Like in many other cases,

  • NTLM Vulnerabilities Review

    This blog post will explain NTLM’s main security weaknesses, from common attack techniques to specific vulnerabilities. NTLM is a rather veteran authentication protocol and quite vulnerable for relatively easy to

  • Avoiding Obsolete Cipher Suites and Key Exchange

    The NSA recommends replacing obsolete protocol configurations with ones that provide better encryption and authentication. Using only TLS 1.2 and above is old news. It has been known for a

  • 5 reasons why system hardening should be your top priority this year

    If you haven’t yet established an organizational system hardening routine, now is a good time to start a hardening project. A good place to start is building your policy, usually according

  • Microsoft’s Print Spooler Vulnerability

    Two zero-day vulnerabilities were discovered in Microsoft’s Print Spooler service. These new vulnerabilities accompany an old DoS vulnerability that Microsoft declared won’t be patched. The first vulnerability, CVE-2020-1048, a privilege escalation

  • Securing Active Directory when anonymous users must have access

    Allowing unauthorized users to perform actions anonymously in your Active Directory (AD) is not recommended security-wise, but in many cases it is mandatory in order to allow critical network activities. When this is the

  • Zerologon vulnerability – patching is not enough

    Zerologon (CVE-2020-1472) is a vulnerability in the cryptography of Microsoft’s Netlogon process. It is rated 10 out of 10 for severity, and there are already known proof-of-concept exploits and
