Last month, I was present at the Dutch Tooling Event to talk to (potential) customers about my employer’s product and project portfolio. This event gets organized for people with an interest in IT systems management, IT service management, mobile device management and other IT-related themes. During the event, I was interviewed alongside Pieter Lacroix (Managing … Continue reading "I was interviewed by Marqit.tv at the Tooling Event (Dutch)"
Security and practicality often clash, especially with legacy software in the mix. Legacy software is painful from a security point of view. If you want to know how painful, keep on reading this blogpost. It features legacy functionality, unsupported software and security holes the size of Jupiter.
Although we’ve seen presentations on Pass the Hash attacks for years, now is a good time to actually make good on that New Year’s resolution to start hardening your Active Directory environment against these, and other related attacks. Roughly six months ago, Patrick Jungles, a Security Program Manager working with Microsoft’s Trustworthy Computing group in … Continue reading "Security Thoughts: Pass the Hash and other Credential Theft"
In many organizations Active Directory Domain Services is the top tier in access management. Access to systems, information and connections, often, is governed by information in Active Directory. User objects and computer objects play a big role in this model, since they represent actual physical objects within the organization. Now, not every organization acknowledges the … Continue reading "Common Challenges when Managing Active Directory Domain Services, Part 1: Security"
Today, Microsoft has released a document, detailing the Best Practices for Securing Active Directory Domain Services. The document contains 22 best practice recommendations to assist organizations in enhancing the security of their Active Directory installations. By implementing these recommendations, organizations will be able to identify and prioritize security activities, protect key segments of their organization’s … Continue reading "Best Practices for Securing Active Directory"
Millions of Windows PCs are infected by scareware each year. Often, this kind of software fakes to be an anti-malware program. These rogue virus scanners convince Windows users their PC is infected and they need to pay to clean it. Microsofts free Security Essentials with its 10-15% market share, ForeFront Endpoint Protection, System Center Endpoint … Continue reading "Test: Real vs. Rogue"