Ever wondered how a lean Windows Service can fend off high-stakes cyber threats? Discover the secret recipe of minimal permissions, real-time monitoring, and built-in resilience that keeps systems secure under attack.
https://thedefendopsdiaries.com/designing-secure-windows-services-key-principles-and-strategies/
#windowsservices
#cybersecurity
#securitydesign
#leastprivilege
#realtimemonitoring
5️⃣ Fine-Grained Access Control
From “all photos last week”
to
SELECT * FROM emails WHERE sender LIKE ‘%@microsoft.com’
agents need precise, least-privilege access. Let’s get specific! 🎯📂
Service desks are prime targets for sneaky social engineering attacks. Could MFA, tight access controls, and smart training actually be the secret sauce to keeping sensitive data safe?
#socialengineering
#servicedesksecurity
#multifactorauthentication
#cybersecuritytraining
#leastprivilege
SQL Server Directory Creation: Solving Permission Errors for Non-Admin Users
Secure SQL Server directory creation using SQL Server Agent jobs & PowerShell scripts. Prioritize least privilege & avoid risky extended stored procedures. Improve security & maintainability! #SQLServerSecurity #DirectoryCreation #PowerShell #SQLServerAgent #LeastPrivilege #DatabaseSecurity
https://tech-champion.com/database/sql-server/sql-server-directory-creation-solving-permission-errors-for-non-admin-users/
...
SQL Server Directory Creation: Solving Permission Errors for Non-Admin Users
Secure SQL Server directory creation using SQL Server Agent jobs & PowerShell scripts. Prioritize least privilege & avoid risky extended stored procedures. Improve security & maintainability! #SQLServerSecurity #DirectoryCreation #PowerShell #SQLServerAgent #LeastPrivilege #DatabaseSecurity
https://tech-champion.com/database/sql-server/sql-server-directory-creation-solving-permission-errors-for-non-admin-users/
...
Unauthorised network access remains a significant threat, especially for organisations lacking robust network security controls. Attackers can capture privileged credentials from automated tasks and vulnerability scanners if these tasks are configured with an excessive scope or are insufficiently protected by network or host controls...
Read our latest blog, "Watch where you point that cred," by Tom Thomas-Litman, for insights and recommendations for securing internal networks: https://www.pentestpartners.com/security-blog/watch-where-you-point-that-cred-part-1/
#CyberSecurity #Infosec #NetworkSecurity #VulnerabilityScanning #CredentialTheft #Honeypots #LeastPrivilege #RiskMitigation
The third case study presented at #ACSAC2023 was Roundy's "Working Towards Least Privilege in the Cloud" which explored strategies to manage permissions and reduce over-granting by assessing actual usage. (https://www.acsac.org/2023/program/final/s323.html) 4/5
#LeastPrivilege #LogAnalysis #Cybersecurity
Often applications require UAC to start for no apparent reason, mainly due to poor development practices. This is a huge challenge for sysadmins when vendors refuse to fix this behaviour.
Today I found a workaround that avoids granting unnecessary elevations. Use __COMPAT_LAYER=RunAsInvoker in the command prompt! 🎯
Just type:
cmd.exe /c "set __COMPAT_LAYER=RunAsInvoker && crapapp.exe"
#TIL in Linux, the SUID (Set User ID) bit is a special file permission that allows a binary to run with the privileges of the file’s owner rather than the user who executed it. This feature is useful for tasks that require elevated permissions, like allowing regular users to perform specific administrative functions.
However, SUID binaries also pose a security risk. If a SUID binary is improperly configured or contains vulnerabilities, an attacker with limited privileges could exploit it to escalate their privileges, potentially gaining root access. This makes it crucial to regularly audit SUID binaries on your system.
To find SUID binaries, use:
find / -type f -perm -4000 -ls 2>/dev/null
#linux #security #cybersecurity #suid #LeastPrivilege #debian
Zero Trust assumes that threats could be both external and internal, and thus, no entity, whether it is a user, device, or application, should be inherently trusted.
https://linuxexpert.org/deep-dive-into-zero-trust-security-model/
#ZeroTrust #Cybersecurity #NetworkSecurity #IAM #MFA #SSO #Microsegmentation #EndpointSecurity #ApplicationSecurity #DataSecurity #RBAC #LeastPrivilege #AssumeBreach #linux
Cyber threats are becoming more advanced every day, making it crucial to stay informed and prepared. Social engineering and deepfake attacks are two significant concerns that require robust security measures.
https://linuxexpert.org/cybersecurity-rising-threats-and-how-to-protect-against-them/
#Cybersecurity #SocialEngineering #DeepfakeAttacks #ZeroTrust #ContinuousMonitoring #LinuxSecurity #NetworkSecurity #OpenSourceSecurity #MFA #SecurityTraining #IntrusionDetection #OSSEC #Suricata #OpenLDAP #LeastPrivilege #GnuPG #ITSecurity #linux
#TIL that security descriptors in #Windows operating systems contain the security information for objects such as files, processes, registry keys, or services. They specify who owns the object, who can access it, and what permissions are granted. For example, using the `sc` command, it is possible to change the security descriptor of a service to allow a group of people to restart it without the needs to adding them to the local administrators group.
#security #cybersecurity #LeastPrivilege
https://michaelwaterman.nl/2023/04/08/security-descriptor-definition-language/
#ACSAC2023's program will also feature two case study sessions with talks on #TemplateEngines, #GenerativeAI in #Finance, #LeastPrivilege in the #cloud, and #Cyber #SupplyChain #Risk. One more reason to register and attend: https://www.acsac.org/2023/registration/
@BenAveling that's not a hot take. It's #LeastPrivilege and #SeparationOfDuties. It's temporary #StepUpAuthentication and timeouts.
A particular user should only be able to do what they need to do for a particular job function, but only when they need to do it, and only for as long as it takes to do the thing.
Thanks @girlgerms for linking to this epic list of #Azure Active Directory least privilege roles BY TASK.
Want to do this thing? You need this role to give you the min amount of required permissions.
"Least privileged roles by task in Azure Active Directory" lists the common tasks your admins may need to perform and the least privileged role they need to accomplish them. #AzureAD #LeastPrivilege https://learn.microsoft.com/en-us/azure/active-directory/roles/delegate-by-task
The dangers of admin rights need no introduction. So why are many companies still giving them out like free candy?
𝘍𝘰𝘳 𝘰𝘱𝘦𝘳𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘦𝘢𝘴𝘦 𝘢𝘯𝘥 𝘱𝘳𝘰𝘥𝘶𝘤𝘵𝘪𝘷𝘪𝘵𝘺?
𝘛𝘰 𝘢𝘷𝘰𝘪𝘥 𝘰𝘷𝘦𝘳𝘸𝘩𝘦𝘭𝘮𝘪𝘯𝘨 𝘵𝘩𝘦 𝘚𝘦𝘳𝘷𝘪𝘤𝘦 𝘋𝘦𝘴𝘬?
𝘉𝘦𝘤𝘢𝘶𝘴𝘦 𝘵𝘩𝘦𝘺'𝘷𝘦 𝘢𝘭𝘸𝘢𝘺𝘴 𝘥𝘰𝘯𝘦 𝘪𝘵 𝘵𝘩𝘢𝘵 𝘸𝘢𝘺?
It's likely one of these (if not a blend of all three). But with Endpoint Privilege Management, admin rights can be removed overnight, and flexible workstyle templates let you implement least privilege policies in a matter of days for everyone - even sysadmins.
Productivity doesn't take a hit.
The Service Desk won't be swamped.
Ransomware and insider threats are mitigated.
Find out more about achieving least privilege with BeyondTrust's Privileged Access Management solutions today.
#leastprivilege #adminrights #privilegedaccessmanagement #PAM #endpointsecurity #beyondtrust #endpointmanagement #cybersecurity #cyberthreats #ransomware #ransomwareprotection #productivity #servicedesk #insiderthreats
Introduction
Redoing my #introduction as it was a bit of a sparse one when I joined.
I am a lifelong #technology enthusiast, having worked in Financial Services IT for more than 25 years, across multiple disciplines including:
* #Unisys #MCP-based #mainframe platforms (A17/A19/HMP NX 6800/Libra 180/Libra 6xx/Libra 890)
* #EMC #Symmetrix storage arrays (DMX 3/4 and most recently VMAX) including experience of #SRDF(S), SRDF(A), BCV
* #WindowsServer (2000 through 2019) including #ActiveDirectory
* Various #Linux/ #Unix OSes (#HPUX/ #RHEL/ #Centos/ #Ubuntu/ #Raspbian) including experience of #GFS/#GFS2 SAN storage clustering
* Virtual Tape Server technology (B&L/Crossroads/ETI Net SPHiNX, #TSM)
* Automation/Scripting (#PowerShell, #NT #Batch, #DOS, #Bash, #OPAL)
* #Security (#PrivilegedAccessManagement, #LeastPrivilege, #IAM, #Firewalls, #EDR)
* #BusinessContinuity/#DisasterRecovery (Design/Implementation/Operations)
I’m focused on learning and getting hands-on with #RaspberryPi at home and #cloud computing solutions both at work and at home.
I moved into a #SecurityEngineering role in 2020, so a lot of my focus is now more security focussed across all tech stacks.
My main focus at present when it comes to cloud is predominately #Microsoft #Azure, with Google and AWS of interest also, as well as other cloud infrastructure services such as those provided by CloudFlare, though I’m planning a move away from them due to their moral/ethical choices.
Away from work and tech, I love to #travel the world with my wife and enjoy very amateur #photography to record our adventures.
I also love most genres of #music, live in concert when I can, with a particular love of #Rock/ #Metal and also #Trance (coincidentally, given the profession of a somewhat more well known namesake of mine!).
In the 4th post on Least Privilege, I go into more detail on best practice & technologies for implementation of Least Privilege. As always, curious to know your reactions, opinions & insights.
https://cirriustech.co.uk/blog/secbytes-least-privilege-pt4/
In this, the 3rd post on the topic of Least Privilege, I look at how you might implement Least Privilege and what the challenges are that meant that many organisations may struggle to do so. https://cirriustech.co.uk/blog/secbytes-least-privilege-pt3/ #SecurityBytes #informationsecurity #leastprivilege
