Brandon Lee

Networking

Storage

Virtualization

Brandon Lee has been in the industry 20+ years, is a prolific blogger focusing on networking, virtualization, storage, security & cloud, and contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

Articles written by Brandon Lee

Jan

10

Securing ADFS against password spraying attacks

Stolen account passwords provide the "path of least resistance" into a victim network for an attacker. Once compromised credentials are obtained, the attacker can easily access business-critical systems with little effort. Active Directory Federation Service (ADFS) is a solution that…
Read More
Nov

29

What is Gramm-Leach Bliley Act (GLBA)?

The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, requires financial institutions to explain their information-sharing practices to their customers, and to safeguard sensitive data. The GLBA applies to all companies that offer consumer financial products or services like loans, financial or investment advice, or insurance. …
Read More
Oct

25

Top 5 Hacker Groups and their Attacks

One of the frightening cybersecurity risks for businesses today is undoubtedly ransomware. It doesn't discriminate and leaves in its wake encrypted, unreadable files, threats of data leaks, and often millions of dollars in damages. Moreover, large-scale and sophisticated ransomware attacks…
Read More
Sep

27

FFIEC password requirements

Cyberattacks often target the financial industry due to the nature of the information they possess. One of the organizations that provide cybersecurity guidance and standards for financial institutions is the Federal Financial Institutions Examination Council (FFIEC). While the FFIEC does not offer specific password characteristics as…
Read More
Sep

07

Open ports and their vulnerabilities

One of the age-old tenets of good network security is only open network ports that are necessary and make sure you have protection around any port open to the outside world. Open ports provide attackers with an opportunity to compromise your…
Read More
Aug

24

Why cached credentials are causing account lockouts

Active Directory user accounts can get locked out due to a number of reasons, especially when working remotely. Windows systems can cache credentials for users. Yet, cached credentials causing account lockouts is a major problem for remote users. Cached Active Directory credentials To understand the purpose of cached…
Read More
Aug

09

Microsoft password expiration recommendation

Microsoft Active Directory provides built-in password policies to control various aspects of password management in the environment. One of the password configurations traditionally controlled at the password policy level is password expiration. Many organizations use password expiration policies to secure Active Directory accounts as part of their…
Read More
Jul

26

“User must change password at next logon” feature in Active Directory

The User must change password at next logon setting can be flagged in a couple of different scenarios in Active Directory, including when a user account password has expired, or when an administrator manually sets the flag on an account. Below is an example…
Read More
Jul

19

Pipeline Cybersecurity Initiative best practices

There is no question that ransomware attacks are on the rise. They present what is arguably the most dangerous risk to businesses today when looking at the cybersecurity threat landscape. Recently, a ransomware attack impacted the Colonial Pipeline, one of the largest fuel pipelines…
Read More
Jul

07

Are password reset solutions still relevant?

In case you haven’t been keeping up with the latest password guidance from noted cybersecurity organizations, it has changed from the traditional advice given regarding password security and password security policies. There are new and better ways to protect and secure account passwords than legacy…
Read More