By John Gates
Banks and insurance companies in New York are grappling with the complexities of 23 NYCRR Part 500, a demanding cybersecurity regulation that calls for comprehensive and nuanced security measures. The primary hurdle for these organizations is translating the regulatory language into actionable, practical steps that meaningfully enhance their cybersecurity posture.
By Ben Balkin
A core dump is a snapshot capturing the state of a program at the moment it crashes. This memory dump includes the processor's state and the program's memory, including variables, program data, and processor registers. The data stored in core dump files also records the contents of system memory and CPU registers. Backtraces are generated during a program crash. They show the sequence of function calls leading to the crash, known as the call stack.
By John Gates
A newly discovered zero-day vulnerability in Windows potentially exposes users across multiple Windows versions to credential theft. Discovered by 0patch researchers, this critical security flaw allows attackers to steal NTLM credentials through a deceptively simple method. The vulnerability affects a wide range of Windows systems, including: Technical details of the vulnerability are withheld to minimize the risk of exploitation until Microsoft issues a fix.
By Ben Balkin
Cryptographic mechanisms protect the integrity of audit tools by ensuring that the data they collect is trustworthy. Most systems constantly run audit tools in the background; system activity such as user logins, file changes and network activity is monitored and recorded. These records are vital to system administrators for compliance, forensic analysis and security monitoring, so using cryptographic mechanisms is essential to preserving the integrity of this data.
By John Gates
Kernel Direct Memory Access (DMA) Protection is a security feature in Windows designed to prevent unauthorized access to memory by external peripherals. Kernel DMA Protection requires UEFI firmware support; Virtualization-based Security (VBS) is not required. Kernel DMA Protection offers stronger protection for the system than the countermeasures against BitLocker DMA attacks, while preserving the usability of external peripherals.
By John Gates
Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication between web browsers and servers. Many IP-based protocols such as HTTPS, SMTP, POP3, and FTP support TLS. Secure Sockets Layer (SSL), on the other hand, is a protocol used to establish an encrypted link between web browsers and servers. It uses symmetric cryptography to encrypt the data transmitted. Encryption keys are based on shared secret negotiation at the beginning of any communication session.
By Ben Balkin
The GNOME Display Manager (GDM) is the graphical login interface and session manager for the GNOME desktop environment on Linux. It runs and manages the X.Org display servers for both local and remote logins. GDM runs in the background as a replacement for the X Display Manager (XDM), handling user authentication and initiating desktop sessions.
By Ben Balkin
Repo_GPGcheck ensures that Linux verifies the authenticity of software packages downloaded from repositories, reinforcing overall system security and safeguarding against unauthorized software sources. A repository in Linux is a storage location where software packages are managed and organized. When installing or updating software, Red Hat-based Linux systems pull the required packages from these repositories using the YUM (Yellowdog Updater, Modified) package manager.
By John Gates
Linux distributions come with Discretionary Access Control (DAC) preinstalled. A sudo user is usually created on a Linux system to work with root-level privileges. The DAC model grants the sudo user full administrator rights, which is a security risk if the sudo user is not trustworthy. SELinux is a Mandatory Access Control (MAC) system that supplements the traditional DAC model in modern Linux distributions. SELinux gives system administrators finer control over who can access what on the system.
By Ben Balkin
The Multi-Category Security Translation Service (MCSTrans) daemon provides category label information to client processes that request it. The label translations are defined in `/etc/selinux/targeted/setrans.conf`. Run the following command and verify that mcstrans is not installed.
By CalCom
In this video discussing server hardening, you’ll learn why server hardening is so important to your IT Enterprise. Whether you’re a seasoned CISO or IT professional, this video is a must-watch for anyone who wants to keep their servers secure.
By CalCom
Explore the core principles behind these baselines, including risk management, threat identification, and control selection. Gain insights into the latest updates and revisions, ensuring you stay up-to-date with the best practices and industry standards.
By CalCom
To safeguard the SQL layer against common SQL-based attacks, including Denial of Service, Brute Force, and SQL injections, and to prevent privilege escalations, hardening the SQL server is of utmost importance. Achieving compliance and satisfying auditors also necessitates SQL hardening. By implementing SQL hardening measures at both the application and operating system levels, the organization can significantly reduce its attack surface and eliminate critical vulnerabilities.
By CalCom
When installing a new Linux server, you should be aware that its level of security is very low by default, to allow as much functionality as possible. Therefore, performing basic hardening actions before the server is placed into production is crucial. CalCom Software hardens Red Hat / Linux.
By CalCom
The LAN Manager (LM) is a group of early Microsoft client/server software products that enable users to connect personal computers on a single network. Its features include transparent file and printer sharing, user security features, and network administration tools. In Active Directory domains, the default authentication protocol is the Kerberos protocol. However, if Kerberos is not available for any reason, LM, NTLM, or NTLMv2 can be used as an alternative.
By CalCom
Access this computer from the network - best practices for DC and Member Server
By CalCom
This policy setting determines whether the LDAP server requires LDAP clients to negotiate data signing. Using the default configuration of this value allows LDAP clients to communicate with Active Directory in an insecure fashion.
By CalCom
Server hardening is a bigger challenge today than ever before. When infrastructure becomes more and more complex, it is impossible to achieve compliance using manual tools to harden servers. CalCom offers an automated solution for server hardening for easy policy enforcement and maximum compliance.
By CalCom
Auditing Kerberos service ticket operations is important for detecting attackers trying to use Kerberos as an attack vector. The default value of this setting is to audit only successful events. This may eventually result in missing an attack or not having enough information to investigate it.
CalCom Hardening Solution (CHS) is the ideal choice for IT Ops and CISOs looking to create a securely configured infrastructure.
CHS is a flexible hardening tool with the unique ability to 'learn' where desired hardening changes will adversely impact production activity. CHS determines the impact of baseline changes before they are implemented, producing visible conclusions for decision-makers. CHS eliminates time-consuming lab testing, reduces the cost and impact of hardening, and centralizes infrastructure control, thereby stopping security breaches and operational mistakes.
How Can CalCom Hardening Suite Make a Huge Difference In Server Hardening:
- Cost effective server hardening process: Save time and resources required for testing security policies in lab environments.
- Zero server outages: Ensure that production services are not harmed during server hardening.
- Prevent & monitor unauthorized policy changes: Stop security breaches and operational mistakes before they happen.
Make Your Hardening Project Effortless.