Varonis Blog | All Things Data Security

Michael Buckbee

Michael has worked as a sysadmin and software developer for Silicon Valley startups, the US Navy, and everything in between.

Showing 353 results

Data Security

Aug 06, 2014

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers...

Michael Buckbee

3 min read
Privacy & Compliance

Jul 17, 2014

5 Things Privacy Experts Want You to Know About Wearables

There’s been a lot of news lately in the health and fitness wearables space. Apple just announced they’re releasing an app, called “Health,” as well as a cloud-based platform “Health...

Michael Buckbee

3 min read
Data Security

Jul 15, 2014

Pass the Hash, Part III: How NTLM Will Get You Hacked

The most important takeaway about PtH is that the password hashes that are stored in memory (and grabbed by hackers) are a feature of Single Sign On.

Michael Buckbee

4 min read
Active Directory

Jul 10, 2014

Risks of Renaming Your Domain in Active Directory

As a sysadmin, there might be moments where you’ll find the need to change, merge, or rename your domain. Hopefully you name your domain well the first time, but there…

Michael Buckbee

3 min read
Data Security

Jun 26, 2014

A Closer Look at Pass the Hash, Part II: Prevention

Last week, I attended a webinar that was intended to give IT attendees a snapshot of recent threats—a kind of hacker heads-up. For their representative case, the two sec gurus...

Michael Buckbee

3 min read
Data Security

Jun 17, 2014

A Closer Look at Pass the Hash, Part I

We’ve done a lot of blogging at the Metadata Era warning you about basic attacks against passwords. These can be mitigated by enforcing strong passwords, eliminating vendor defaults, and enabling...

Michael Buckbee

3 min read
Data Security

May 21, 2014

What’s the Difference between Hacking and Phishing?

Because I’ve boldly assigned myself the task to explain hacking and phishing, I feel compelled to define both terms concisely because, as Einstein’s been quoted countless times, “If you can’t...

Michael Buckbee

2 min read
Active Directory

Apr 16, 2014

Best Practices for Naming an Active Directory Domain

When you’re naming domains, it should be planned as carefully as you would in naming your first child – of course I’m exaggerating – but it’s worth planning carefully. For...

Michael Buckbee

1 min read
Data Security

Mar 11, 2014

5 Privacy Concerns about Wearable Technology

With over 55 different fitness wearable devices to choose from, the wearables market has breathed new life into our personal health, providing us with more insight into our sleep patterns,...

Michael Buckbee

3 min read
Data Security

Mar 05, 2014

Automate Exchange Distribution List Management

From a business perspective, distribution lists (DLs) for email communications are a powerful and well-understood concept in IT. And they are popular: Exchange admins have voted with their right-clicks, creating...

Michael Buckbee

2 min read
Data Security

Jan 21, 2014

Cryptography May Not Be Dead, But It Is on Life Support

Cindy and I had the good fortune of attending part of the Real World Cryptography Workshop held last week in New York City. We went primarily to listen to Bruce...

Michael Buckbee

4 min read
Data Security

Nov 07, 2013

How to Do Data Classification at Scale

One of the important points we make in our recently published Information Entr opy report is that you can’t just decide you have intellectual property, issue NDAs to employees, and...

Michael Buckbee

4 min read

...

26 27 28

SECURITY STACK NEWSLETTER

Join 400K+ security pros. Get threat research and cybercrime news sent right to your inbox.

Explore Additional Resources

Guide

AWS Best Practices Guide

White Paper

The Attacker's Playbook

Report

Sample Data Risk Assessment

Case Study

How Bradshaw International Reined in Permissions and Reduced Their M365 Blast Radius With Varonis

Case Study

How a Healthcare Org Enhances its Salesforce Security Posture With Varonis

Case Study

How Varonis Helps an Energy Company Safeguard Critical Data in AWS and M365

On-demand video

State of Cybercrime:
Salt Typhoon Telecom Attack

On-demand video

State of Cybercrime:
Midnight Blizzard

On-demand video

State of Cybercrime:
ChatGPT Manipulation + More

Ready to see the #1 Data Security Platform in action?

“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”

Michael Smith, CISO, HKS

"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."

Deborah Haworth, Director of Information Security, Penguin Random House

“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”

Al Faella, CTO, Prospect Capital

Get a demo

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

5 Things Privacy Experts Want You to Know About Wearables

Pass the Hash, Part III: How NTLM Will Get You Hacked

Risks of Renaming Your Domain in Active Directory

A Closer Look at Pass the Hash, Part II: Prevention

A Closer Look at Pass the Hash, Part I

What’s the Difference between Hacking and Phishing?

Best Practices for Naming an Active Directory Domain

5 Privacy Concerns about Wearable Technology

Automate Exchange Distribution List Management

Cryptography May Not Be Dead, But It Is on Life Support

How to Do Data Classification at Scale

SECURITY STACK NEWSLETTER

Ready to see the #1 Data Security Platform in action?

Ready to see the #1 Data Security Platform in action?