SMB Relay Attacks and How to Prevent the Attack from Occurring:
Last week it was revealed that there is a known flaw in Windows that can allow domain credentials to be compromised. Using the aptly named SMB relay, it is possible to leak your credentials when performing normal operations including visiting a web site, using Outlook to read your email or using Windows Media Player. The attack is carried out by the attacker positioning himself between a Windows computer and a server and intercepting the traffic between the two and relaying the traffic back.
Those credentials can then be used by the attacker to authenticate as the user on any Windows servers where the user has an account, including those hosted in the cloud.
Fortunately, there is a very easy fix to this problem: prevent SMB traffic from leaving your Local Area Network through the use of firewalls. That's all it takes: proper configuration on your firewall to block outbound SMB traffic.
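To confirm the firewall change is working, the added example below (not part of the original post) scans firewall log lines for SMB connections that leave the LAN and reports any that were allowed. The key=value log format, the RFC 1918 internal ranges and the function names are assumptions made for illustration; SMB uses TCP 445, or TCP 139 when carried over NetBIOS.

```python
import ipaddress

# TCP ports used by SMB: 445 (direct SMB) and 139 (SMB over NetBIOS session service).
SMB_PORTS = {139, 445}

# Assumption: the LAN uses RFC 1918 private ranges; adjust to the real internal ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def parse_line(line):
    """Parse one 'key=value' log line into a dict (constructed format)."""
    return dict(field.split("=", 1) for field in line.split() if "=" in field)

def outbound_smb(lines):
    """Return records for SMB connections from the LAN to external hosts."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        try:
            port = int(rec["dport"])
            leaving = is_internal(rec["src"]) and not is_internal(rec["dst"])
        except (KeyError, ValueError):
            continue  # skip malformed lines (missing field, bad port or address)
        if rec.get("proto") == "tcp" and port in SMB_PORTS and leaving:
            hits.append(rec)
    return hits

def egress_gaps(lines):
    """Outbound SMB the firewall allowed: each one is a rule gap to close."""
    return [r for r in outbound_smb(lines) if r.get("action") == "allow"]

# Constructed sample log lines (external hosts use documentation address ranges).
SAMPLE_LOG = """\
action=allow proto=tcp src=192.168.1.20 dst=192.168.1.5 dport=445
action=allow proto=tcp src=192.168.1.20 dst=203.0.113.50 dport=445
action=deny proto=tcp src=10.0.4.7 dst=198.51.100.9 dport=139
action=allow proto=tcp src=10.0.4.7 dst=198.51.100.9 dport=443
action=allow proto=tcp src=192.168.1.33 dst=203.0.113.50 dport=notaport
""".splitlines()

if __name__ == "__main__":
    for rec in egress_gaps(SAMPLE_LOG):
        print("ALLOWED outbound SMB:", rec["src"], "->", rec["dst"], "port", rec["dport"])
```

Denied entries returned by `outbound_smb` are also worth reviewing, since they show which internal hosts are attempting SMB connections to the outside.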
Contact The Atteberry Group today for a security evaluation. Let us manage your security so that you can focus on your business.
Why Security Patches are Important
Today is patch day for Microsoft. This time around, Microsoft is releasing four critical patches: one for Internet Explorer, one for Office, one for VBScript and one for Windows. All could allow a hacker to remotely execute code on your systems. There is also a patch to fix issues with Remote Desktop. Almost everyone is using remote desktop (often for server management) and this is a big deal.
As you can see, there are constantly evolving security threats and the only way to prevent a security incident (which is a nice way of saying someone hacked us and stole …) is to ensure that your systems are constantly up-to-date.
So, are your systems being patched? If you don’t know, or are losing sleep because you know your systems are not being kept up-to-date, call The Atteberry Group at 213.393.5060 or email us at email@example.com. For a complete list of our services, please visit our website at http://www.atteberrygroup.com
7/13/15 – Security Bulletin
At The Atteberry Group, we take the security of your systems seriously. With the relaunch of our web site, we will now be providing updated security bulletins on an ongoing basis to help keep you aware of potential issues.
We start this week with vulnerabilities associated with WordPress, one of the most popular web site frameworks available. As always, you should keep WordPress and the WordPress plugins up-to-date. If you have questions or concerns, please contact The Atteberry Group at 213.393.5060 or firstname.lastname@example.org.
WordPress CP Image Store with Slideshow Plugin 1.0.5 – Can Allow Arbitrary File Download
WordPress CP Multi View Event Calendar Plugin 1.1.7 – Can Allow SQL Injection Attack
Worried about who can access Office 365 data in the cloud?
The single biggest impediment that we see to clients accepting Office 365 is “Who has access to our data?” Well, with Office 365, the answer just became much simpler – you or those you approve.
According to Vijay Kumar, senior product marketing manager, and Raji Dani, principal program manager for the Office 365 Security team: “Microsoft Engineers do not have standing access to any service operation. All access is obtained through a rigorous access control technology called Lockbox. Today, Lockbox enforces access control through multiple levels of approval within Microsoft, providing just-in-time access with limited and time-bound authorization. In addition, all access control activities in the service are logged and audited.”
In a recent announcement, Microsoft outlined Customer Lockbox for Office 365 and the protection it provides Office 365 users. Rajesh Jha, corporate vice president for the Office 365 team, stated: “…Customer Lockbox for Office 365, provides unprecedented customer control over content residing in Office 365, so customers can be assured that their content will not be accessed by Microsoft employees without their explicit approval. It brings customers into the access approval loop, requiring the customer to provide explicit approval of access to their content by a Microsoft employee for service operations.”
Specifically, use of Lockbox for Office 365 will give you the ability to accept or reject a request from Microsoft to access your Office 365 data. It doesn’t get much easier than that.
Need additional information on how Office 365 is secured and how migrating to Office 365 can help your business? Give The Atteberry Group a call at 213.393.5060 or email us at email@example.com
Material for this post taken from http://blogs.office.com/2015/04/21/announcing-customer-lockbox-for-office-365/ and http://blogs.office.com/2015/04/21/enhancing-transparency-and-control-for-office-365-customers/