Wiper Malware Mitigation Strategies

Wiper malware threats have become a concern as geopolitical tensions rise. Security researchers have identified a new strain of malware targeting Ukraine, dubbed HermeticWiper. Wiper malware is designed to render systems inoperable and irrecoverable without solid backups. Currently, the wiper malware is targeting Ukraine and some surrounding countries, including Latvia and Lithuania. But this attack could easily turn toward the US …

Mimikatz-Style Exploits to be Blocked by Microsoft

Microsoft is finally stepping up the game and blocking Mimikatz-style exploits that steal passwords from system memory. Attackers use this exploit to escalate privileges and laterally move throughout a network. In penetration testing, we use these exploits often. Take a peek at our internal company Fireside Chat we do every Friday. Today’s discussion centered around Microsoft Defender Attack Surface Reduction, …

My Favorite IoT Hacks – Webinar

“My Favorite IoT Hacks” is now available on webinar replay. IoT will soon outpace non-IoT devices. Your cybersecurity program needs to account for widespread, insecure, and sometimes unexpected IoT devices. In this talk, Geoff Wilson, CEO of Go Security Pro, will detail IoT hacks and why these devices are such attractive targets. Geoff will also introduce practical strategies for protecting …

When Strict Password Policies Backfire

Passwords that are changed more frequently are more secure, right? Not necessarily. I was working with an organization that takes security seriously. Defense in depth and least privilege permeate their environment. Users do not have administrator privileges and are not allowed to remotely log in to systems. Network segmentation keeps a compromised workstation from reaching the administrator interfaces on servers. Only …

Apply the BlueKeep Patch Now

I’m writing to let you know about a critical Windows security patch that should be deployed to affected systems ASAP. The BlueKeep vulnerability (CVE-2019-0708) is a remotely exploitable flaw in the Remote Desktop Protocol (RDP) Services on older versions of Windows, including: Windows Server 2008 R2, Windows 7, Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP. Both Microsoft …