Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

GDPR - Data Processing EU Data as a US Business

Due to the growing and ever-changing digital market, the EU took a major step to protect EU citizens’ personal data and privacy rights in today’s digital world. From proposal to adoption, the General Data Protection Regulation (GDPR) took over four years to become law regulating the data collection and security during processing and movement of personal data of EU citizens. The GDPR is applicable in all EU markets/countries, including by association, Norway, Switzerland, and the UK.

Mr. Robot, Mimikatz and Lateral Movement

In Mr. Robot‘s episode 9 of season 2 (13:53), Angela Moss needs to obtain the Windows domain password of her superior, Joseph Green, in order to download sensitive documents that would potentially incriminate EvilCorp. Since her attack requires physical access to his computer, she starts with a good old-fashioned social engineering attack to get the only currently present employee in the office to leave.

Securing Exchange Server OWA & ActiveSync - Proactive Security with EventSentry

With the proper auditing enabled (Logon/Logoff – Logon (Failure)) and EventSentry installed however, we can permanently block remote users / hosts who attempt to log on too many times with a wrong password. Setting this up is surprisingly simple.

Auditing DNS Server Changes on Windows 2008/2008R2/2012 with EventSentry

If you’re running Windows 2008 (R2) or 2012 then setting up DNS auditing requires a few steps. Thankfully it’s a one-time process and shouldn’t take more than a few minutes. On the EventSentry side a pre-built package with all the necessary rules is available for download and included with the latest installer.

Auditing DNS Server Changes on Windows 2012 R2 and later with EventSentry

Auditing changes on Microsoft Windows DNS server is a common requirement and question, but it’s not immediately obvious which versions of Windows support DNS Auditing, how it’s enabled, and where the audit data (and what data) is available. Fortunately Microsoft has greatly simplified DNS Server auditing with the release of Windows Server 2012 R2.

Companies Doubt Ability to Detect & Respond to Ransomware Attacks

PALM BEACH GARDENS, Fla.--(BUSINESS WIRE)--Companies aren’t very confident in their ability to detect, respond to and remediate ransomware attacks, according to the 2017 Ransomware Report, sponsored by user behavior analytics and activity monitoring company Veriato and 13 other companies and conducted by Crowd Research Partners.