A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…

What You May Have Missed

1. Last month, a Senate subcommittee held a hearing to consider S. 2171, the Location Privacy Protection Act. Introduced by Senators Franken (D-MN) and Flake (R-AZ), the draft legislation would put limits on the commercial collection of location data from mobile devices and would also ban stalking apps. The bill requires consumers to opt in…

Risks of Renaming Your Domain in Active Directory

As a sysadmin, there might be moments where you’ll find the need to change, merge, or rename your domain. There are many reasons why you might need to do this, for instance: an organizational restructuring, merger, buyout or expansion. Keep in mind that a rename is not designed to accommodate forest mergers or the movement…

3 Deadly File Permissions Mistakes

Scarily, in most organizations people have access to much more information than they need in order to do their jobs. With file permissions, it’s easy to mess things up and hard to find and fix problems, especially in large environments. One tiny mistake can cause a ripple effect across terabytes of data, opening up a…

What You May Have Missed

1. British Airways can now track your happiness level while you’re on board. Fiber optics are woven into the blanket to measure electrical fluctuations in the brain. When your blanket turns red, it means you’re feeling anxious and when the blanket turns blue, it means you’re relaxed and happy. And green means you’d like a…

The Security Chaos Monkey

Jon Oltsik wrote a great article in Network World recently championing the importance of end user involvement in a company’s IT security strategy. He acknowledges that employees are often a company’s own worst enemy, frequently scorned by their IT overlords. But Oltsik argues that CISOs should instead directly enlist them to help build a security-minded…

Usage-Based Storage Chargebacks with DatAdvantage

Usage-based chargebacks are just a better way to do cost sharing: it’s more fair, transparent, and consistent than other approaches. If you want proof, read our IT Chargeback guide. What about actually doing chargebacks with data storage? Of course, the first step is getting a breakdown of data usage by cost centers or other group…

What You May Have Missed

1. When a cable operator retransmits local TV signals, it pays licensing fees to broadcasters. Aereo is a startup that streams local TV signals over the Internet by keeping individual antennas in the cloud for each of its users. This week the Supreme Court said Aereo is really a cable company and must therefore pay copyright…

A Closer Look at Pass the Hash, Part II: Prevention

Last week, I attended a webinar that was intended to give IT attendees a snapshot of recent threats—a kind of hacker heads-up. For their representative case, the two sec gurus described a clever and very targeted phishing attack. It led to an APT being secretly deposited in a DLL. Once the hackers were in, I…

Three Things to Be Aware of With Low-Cost Data Backup Services

I’m always a little surprised by the reaction from customers regarding off-site storage services. It goes something like, “Well, the price is so good, that I don’t really need to know anything else.” From a pure accounting standpoint, I do see their point. As a company goes down the road of evaluating low-cost backup and…