Snake Ransomware Slithers Through Networks

Snake ransomware is the latest example of a ransomware variant used to target enterprises. It is being used to infiltrate business networks, gather administrative credentials, and, using post-exploitation tools, encrypt the files of every computer on a network. Snake joins the likes of Ryuk, Bitpaymer, and other less notable ransomware variants that take part in enterprise targeting.


RDP Brute Force Attack Detection and Blacklisting with PowerShell

Overview

Monitoring systems provide great value because they alert us to unusual events. They allow us to check a box on our audit sheet, but really a monitoring system is just half of the equation. The other half of the equation requires an action in response to the event.

Last week’s Tip-of-the-Week provided a simple detection-to-notification bridge for locked-out accounts. This week’s tip takes things a step further by arming our systems with an automated action in response to brute force attempts. Using PowerShell, we’ll create a brute force detection script that automatically defends our network by blocking the source IP address of the attack.


WatchPoint – Tip of the Week – Enumerate File Shares With PowerShell

Use PowerShell to Discover and Record File Shares

An old college professor of mine once gave our class some simple yet sound advice: know your network. I didn’t realize at the time that his statement would stick with me and be something that I’d repeat to new hires and colleagues. So here you go, Steve, I am writing this article for you.

Today’s Tip-of-the-Week is about knowing your network, specifically the file shares that it contains. Knowing what file shares exist and having a complete list of them can not only help with audits, but it will also help ensure you know what’s on your network and that it’s secure.


WatchPoint – Tip of the Week – Password Expiry Email Notification

Overview

Imagine it’s Monday morning, it’s 8:00 a.m., the work week isn’t even a full minute old, and the CEO is calling the support line, frantic because his password expired and now he can’t log in to give a presentation. Talk about a nightmare way to start the week.

Thankfully this can all be avoided with a simple PowerShell script. Our tip of the week will show you how to notify your employees that their password is going to expire, and avoid this kind of painful support call.
