Blog

Data Security

Going Back To SQL Server 2008 In Order To Move Ahead

Michael Buckbee

Michael Buckbee

Last year, Microsoft ended its support for SQL 2008/R2. Customers with an enterprise agreement are still supported, but it’s a good idea to start planning your upgrade. Upgrading your production...

PCI DSS Explained: Our New White Paper Decodes the Complexity

David Gibson

David Gibson

The Payment Card Industry Data Security Standard (PCI DSS) is not just another list of requirements for protecting data. In 2013, the number of credit and debit card transactions worldwide...

The Journey to File Permission Perfection  

Michael Buckbee

Michael Buckbee

More devices than ever. More platforms to choose from. An expanding universe of data choices that can be both exciting and confusing at the same time. Tablets, phablets, laptops, iOS,...

Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches

Michael Buckbee

Michael Buckbee

I had the chance to talk with cyber security expert Justin Cappos last month about the recent breaches in the retail sector. Cappos is an Assistant Professor of Computer Science...

Microsoft Fixes A Kerberos Silver Ticket Vulnerability

Michael Buckbee

Michael Buckbee

Note: This post has created a bit of controversy among the security illuminati! A post on Still Passing the Hash Blog 15 Years Later explains the issues. I think a...

Are You Smarter Than a Hacker? [CONTEST]

Michael Buckbee

Michael Buckbee

They’ve broken into the largest retailers, key government agencies, and major social media companies, stealing tens of millions of credit card numbers, email addresses, and sensitive data. They’re experts at...

Getting Started with PowerShell Option Inputs

Michael Buckbee

Michael Buckbee

PowerShell is the dominant method of automating tasks and scripting changes for Windows sysadmins. This article covers getting started with some basic PowerShell usage and how to pass optional customization...

How to Be Your Own Best Password Generator

Michael Buckbee

Michael Buckbee

Let’s face it people, we’re bad at coming up with our own passwords. They’re too short, too obvious, and hackers have gotten very good at breaking them —either by outright guessing...

What You May Have Missed

Michael Buckbee

Michael Buckbee

1. Here’s an interesting perspective from a CTO on why metadata matters. 2. By September 30th, California Governor Jerry Brown will either veto or sign two very important bills that will protect...

Phishing Attacks Classified: Big Phish vs. Little Phishes

Michael Buckbee

Michael Buckbee

The CMU CERT team I referred to in my last post also has some interesting analysis on the actual mechanics of these phishing attacks. Based on reviewing their incident database, the...

In Search of Kerberos’s Golden Ticket

Michael Buckbee

Michael Buckbee

In a Kerberos environment, all users get tickets, or more specifically TGTs (Ticketing Granting Tickets). It’s the starting point for gaining access to services—network files, email, apps, etc.  In Windows,...

Kerberos Weaknesses: Pass the Ticket Is a Real Threat

Michael Buckbee

Michael Buckbee

August is always a good time to check up on the dark side.  Black Hat had its annual conference earlier this month, and there are always presentations worth looking at....

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.