The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines designed to protect cardholder data and ensure that organizations handling payment card information maintain a secure environment. Among its many requirements, PCI DSS places significant... Read More
Compliance
Categories
NIS2, passwords, and MFA: Everything you need to know
MFA and password security are key considerations in several regulatory frameworks, and NIS2 is no different. The NIS2 Directive is an important piece of legislation for anyone working in cybersecurity across the European Union. The latest updates to the... Read More
Update to GLBA safeguards rule: What you need to know
Financial institutions are at the forefront of cybersecurity challenges due to the sensitive nature of the data they handle. As the frequency and sophistication of cyberattacks increase, so does the need for robust regulatory safeguards, requiring organizations to bolster... Read More
Securing authentication tokens by preventing delegation of admin accounts
The underlying capabilities provided by Kerberos authentication in Active Directory means that access tokens can be delegated to users and computers for various purposes. Attackers can capitalize on the built-in capabilities of Active Directory with impersonation and delegation to... Read More
[New Data] Attackers Are Using These Passwords to Attack the RDP Port Right Now
The Specops Breached Password Protection List Tops 3 Billion Unique Compromised Passwords from Live Attack Data and Leaked Lists Today, the Specops Software research team is sharing the results of our analysis on what passwords are being used to... Read More
Service account password rotation
Service accounts are the unseen heroes of your organization’s architecture – they keep critical services running. While most organizations are generally aware of the sensitive nature of service accounts, password practices can still be poor. It is not uncommon... Read More
New Compliance Standards & More: See What’s New in Specops Password Auditor
Today, we’ve released the latest Specops Password Auditor — a read-only program that can help IT admins identify password vulnerabilities including number of accounts with compromised passwords and more. In this release, we’ve introduced a big update to our... Read More
Ransomware attacks continue to rage on government entities
Ransomware attacks are on the rise and target businesses across many industries and sectors. Government entities are also on the radar of ransomware gangs and have been the subject of many high-profile ransomware attacks. Governmental entities have been a... Read More
Active Directory and domain controller security best practices
Windows Servers in the environment housing the Active Directory Domain Services (AD DS) role are some of the most sought-after targets for attackers today. It is because Active Directory contains the credential store for all the user and computer... Read More
Common ransomware attack types: How they work & tips for prevention
Think of ransomware attacks as a form of digital kidnapping. Cybercriminals use encryption to lock you out of your files or devices, effectively holding them hostage until a ransom is paid. Like traditional kidnappers, their primary motive is financial... Read More