Blog

  • 5 reasons why system hardening should be your top priority this year

    If you haven’t yet established an organizational system hardening routine, now is a good time to start a hardening project. A good place to start is building your policy, usually according

    Read More
  • Mitigating Print Spooler Vulnerability

    Two zero-day vulnerabilities were discovered in Microsoft’s Print Spooler service. These new vulnerabilities accompany an old DoS vulnerability that Microsoft declared won’t be patched. The first vulnerability CVE-2020-1048, a privilege escalation

    Read More
  • securing Active Directory when anonymous users must have access

    Allowing unauthorized users to perform actions anonymously in your Active Directory (AD) is not recommended security-wise, but in many cases is mandatory to allow critical network activities. When this is the

    Read More
  • zerologon vulnerability- patching is not enough

    Zerologon (CVE-2020-1472) is a vulnerability in the cryptography of Microsoft’s Netlogon process. It is rated 10 out of 10 for severity, and there are already known proof of concept exploits and

    Read More
  • Ensure ‘Turn on PowerShell Script Block Logging’ is set to ‘Disabled’

    PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. PowerShell’s power makes it

    Read More
  • How to prevent powershell attacks

    PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. PowerShell’s power makes it

    Read More
  • The different stages of a PowerShell attack

    PowerShell is a scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. Although it was developed for

    Read More
  • PowerShell Security Advantages and Disadvantages

    PowerShell is a scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. PowerShell was launched in 2006

    Read More
  • CMMC vs NIST 800-171, and server hardening

    In January 2020 the Department of Defense (DoD) published the Cyber Maturity Model Certification (CMMC) framework to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). According to

    Read More
  • IIS: Ensure ‘deployment method retail’ is set

    This configuration is important both for the performance and the security of the production environment.   Performance-wise, you can set the <deployment retail> to true in order to ensure that no

    Read More
  • How can hardening protect against WastedLocker

    WastedLocker has been around since May 2020, creating enormous damage to many organizations, some of them are part of the US Fortune 500. The last highly mentioned in the media WastedLocker

    Read More
  • Automation in server hardening- essential, or a buzz word?

    Everything around information security is becoming automated nowadays, but not all automations are born equal. For some processes, automation can be beneficial. But for others, it can be an empty buzz

    Read More