-
The story: I have got a request from a client asking to find out which server(s) is using which domain admin or a highly privileged account as a service. To find this I already wrote a PowerShell script that does this, Search the non standard/(Domain only users) and show the services and name of the […]
-
Turla APT found exploiting LightNeuron backdoor, a first of its kind targeting Microsoft Exchange email servers. A Russian cyber-espionage group has developed and has been using one of the most complex backdoors ever spotted on an email server, according to new research published today by cyber-security firm ESET. The backdoor, named LightNeuron, was specifically designed […]
-
You might have heard that very recently Google launched their DNS over TLS, which is based on their Google Public DNS service, the most commonly used DNS recursive resolver worldwide. In a statement, Google published the following article: https://security.googleblog.com/2019/01/google-public-dns-now-supports-dns-over.html Google Public DNS is the world’s largest public Domain Name Service (DNS) recursive resolver, […]
-
MasterCard / Microsoft / Privacy / Security January 10, 2019
MONITORING SOCIETY. Mobile Bank ID and Swish were just the beginning. Now, Mastercard and Microsoft are to produce digital identities for everyone. Your identity should be known no matter what you do. The system will also simplify for increased invasion of racial strangers to the West. Last Month, Mastercard and Microsoft announced in a joint […]
-
Exchange 2013 / Exchange 2016 / Exchange 2019 / Microsoft / Security January 9, 2019
CVE-2019-0586 | Microsoft Exchange Memory Corruption Vulnerability. Yesterday Microsoft published a KB article about a security threat to Exchange 2013-2016 and 2019. The article mentions CU10-CU11 for Exchange 2016, CU21 for Exchange 2013 and RTM version of Exchange 2019 as well. I spoke to Microsoft about whether this issue affects earlier CU versions for […]
-
Suppression allows an administrator to control how many alerts are generated from (or to) a given host or for a particular signature. What does it do exactly? Suppression prevents rules from firing on a specific network segment without removing the rules from the ruleset. By using suppression, a ruleset can be quickly tuned for a specific […]
-
Change Password Policy for AD and domain users. To change the password policy, we’ll first have to open Group Policy Management, which is located in “Administrative Tools” on your DC. Right-click on “Default Domain Policy” in order to change the password policy for all users within a domain. This will open the Group Policy […]
-
This guide will show you how to install “Only” Trend Micro 11.0 on an Exchange 2013 server. Before you install Trend Micro, you will have to make sure that you have enough resources on the mail servers or Edge servers, depending on where you are intending to install it. Prerequisites: You will need […]
-
Filter DNS traffic after blocking websites with Squid. Let’s assume that you have installed and configured Squid Proxy to block several categories of websites that you don’t want your users or clients to visit. In some places maybe interference on client machines or applying group policy on AD is not a strict thing and might […]
-
In this post I will guide you through the configuration of how to enable SSH accessibility to pfSense on a non-standard SSH with private keys in order to further strengthen the security of connecting to your firewall. First I will open the web browser to pfSense, then from the System tab menu I will click […]