Following on from my earlier post on EMET, WDAG and the 1709 release on Windows, here is some Q&A on the topic.
Such a simple authentication factor (simulating a keyboard) but very powerful in what it delivers.
All organisations should consider these devices for end users.
Emotet is getting a lot of coverage and is worth keeping a watching brief on.
A useful overview of FPE, which is gathering interest in the field.
I was in London a couple of weeks ago on an ethical hacking training course. It was very interesting subject matter, and our instructor mentioned his increasing interest in PowerShell for scripting. It chimed with me, as I’m finding PowerShell to be a very useful technology for a wide range of tasks.
One of the useful capabilities of PowerShell is the interactive shell, and the opportunity to quickly develop scripts that automate a laborious task.
It’s July 2018, which means EMET end of life is imminent. If you are using EMET currently, in all likelihood it will work fairly well past the end of this month, but consider your upgrade options now.
Forensic readiness (FR) is a useful concept that is encountered a great deal in public sector information security, but not so much in the private sector. I’ve enjoyed working with FR policies, and you can too, with the right preparation and direction of travel.
An important focus area for the field moving forward.
Malicious PowerShell attacks increased by 661 percent from the last half of 2017 to the first half of 2018, and doubled from the first quarter to the second of 2018.
There are some good guides from the major security vendors on the risks of PowerShell exploitation. No solution is complete, but some sensible steps can be taken.
Assets, when they are reused or disposed of, must be subject to an appropriate sanitisation process to ensure confidential information cannot be recovered. Many organisations do not sanitise data storage before re-use internally. More worryingly, however, many organisations are not sanitising data storage media before devices are sold on, leaving them exposed to data theft, industrial espionage and potential extortion.