Password Management

data encrypted message on screen

Corporate account takeover attacks and prevention

Corporate account takeover is a form of identity theft, wherein an unauthorized entity steals and assumes an employee’s digital identity, to perform actions on behalf of that user, while remaining undetected. The popularity of corporate account takeover attacks lies in their afforded safeguards for bad actors.... Read More

ransomware attack on laptop

Securing ADFS against password spraying attacks

Stolen account passwords provide the “path of least resistance” into a victim network for an attacker. Once compromised credentials are obtained, the attacker can easily access business-critical systems with little effort. Active Directory Federation Service (ADFS) is a solution... Read More

coding with lock

CIS Benchmark Password Policy

With technology constantly evolving, cybersecurity organizations are helping people, businesses, and governments with best practices to protect themselves against emerging threats. The Center for Internet Security (CIS) is one of these advisement groups. The CIS Controls and CIS Benchmarks provide globally recognized best practices for security IT systems and... Read More

hacker stealing password information

Protecting Your Organization Against the Nobelium Attacks

The UK’s National Cyber Security Centre has recently issued guidance to organizations in response to a series of attacks. This guidance was released following a notification in which Microsoft indicated that it had identified new activity tied to an... Read More

hacker behind desktop screen

Top 5 Hacker Groups and their Attacks

One of the frightening cybersecurity risks for businesses today is undoubtedly ransomware. It doesn’t discriminate and leaves in its wake encrypted, unreadable files, threats of data leaks, and often millions of dollars in damages. Moreover, large-scale and sophisticated ransomware... Read More

finger on scale

What metrics should sysadmins use to show improvement over time?

To illustrate how essential IT systems are to the proper functioning of the business, system administrators should use a number of metrics to communicate key KPIs with non-technical leadership. This can help justify the overall budget of the IT department, as well as the... Read More

banned passwords

Troubleshooting tips for Azure AD banned password list

Not all implementations of Azure AD password protection go smoothly. This blog explores some quirks with the banned password lists, and offers remediation tips related to them.   Understanding the Scoring System  Many teams get tripped up when establishing their password policies in Azure AD and for good reason. First,... Read More

locks highlighted and lined up

Why cached credentials are causing account lockouts

Active Directory user accounts can get locked out due to a number of reasons, especially when working remotely. Windows systems can cache credentials for users. Yet, cached credentials causing account lockouts is a major problem for remote users.   Cached Active Directory credentials  To understand the purpose of... Read More