Intro Defending an Active Directory environment, particularly a large one, is a daunting task. Telemetry generated by Active Directory itself as well as the hosts connected to it are critical…
read moreCIS Telework Guidance The folks over at the Center for Internet Security, whose core mention is to secure online experiences, have authored security guidance for teleworkers. The CIS recently released…
read moreThe Forcibly Converged Network The convergence of home and corporate networks continues unabated. Converged workspaces are here to stay for the foreseeable future. Most converged networks that we assess are…
read moreWFH Lateral Movement TTPs With the increase of remote working arrangements due to the ongoing pandemic, corporate endpoints are now located far beyond the standard corporate perimeter. This presents attackers…
read moreAbout Zerologon (CVE-2020-1472) On September 11th, 2020, Secura researcher Tom Tomvoort published a blog post outlining the Zerologon vulnerability. Microsoft’s August Patch Tuesday releases contained a patch for CVE-2020-1472 which…
read moreSchool Days It’s Fall again and school is open (for most) in various modes of operation after several months of disruption due to COVID-19. Whether school districts offer in-person, virtual,…
read moreSeeing Red Recently, I asked my Lares mates to comment on a red team (RT) architecture post I stumbled upon. A volley of responses ensued with the conclusion: “That’s a…
read moreThe Transition from ACET to InTREx-CU for Credit Union Examinations The National Credit Union Association (NCUA) Chairman Rodney Hood discussed changes to the credit union (CU) CyberSecurity and Technology examination…
read moreThe term “security program” means a lot of different things to a log of different people. To some, it’s just an acceptable use policy or password policy. To others, it’s…
read moreDefensive Strategies: The Power of Visibility When: OnDemand About the Webinar: Security programs are struggling with noise. What is legitimate and what is suspicious? Attackers use that to their advantage…
read more