I wanted to update you on the Microsoft authentication issues caused by the May patches. This only potentially affects Microsoft Domain Controllers. More specifically it only affects Domain Controllers that are using certificates in any way for some form of authentication.
An update on Microsoft’s May Patch Issues with Domain Controllers and Certificate-Based Authentication
Vulnerability Disclosed in HPE BIOS
Recently I wrote about the increasing vulnerabilities in BIOS/UEFI underneath the operating system and encouraging you to update your devices to current BIOS levels. We have been notified of a vulnerability in select HPE BIOS. If you have HPE endpoints, please read the attached notice.
KACE Systems Management Appliance – Critical Vulnerability Disclosure
Quest has notified us that they have a critical vulnerability. If you use a KACE appliance, please read this information and perform their recommended mitigation steps. Kace Critical Vulnerability -Scott Quimby
Tech Tidbit – My Achilles Heel – Closing your District’s Vulnerability Gaps
“Legends state that Achilles was invulnerable in all of his body except for one heel because when his mother Thetis dipped him in the River Styx as an infant, she held him by one of his heels. Alluding to these legends, the term “Achilles’ heel” has come to mean a point of weakness, especially in […]
Ransomware and Incident Response: How Security Controls Help Districts Reduce Risk and Prepare for Action (and achieve Ed Law 2-d Compliance) – Recording Available
Speaker: Alan Winchester, Chief Development Officer, Caetra.io Alan Winchester is the Chief Development Officer and creator of CyMetric™. His vision is to enable customers overwhelmed with the issues surrounding legal compliance to meet their obligations intuitively and simply, reducing the need to incur the expenses of consultants and lawyers.
A discussion of MITRE ENGENUITY 2022 independent testing results – Recording Available
Mitre Engenuity has released its 2022 fully independent evaluation of 30 of the most common cybersecurity endpoint protection platforms. Why does this matter? The 2022 assessment and results are particularly interesting because the payload they used is the most common, and nefarious, ransomware and malware variants in use today.
Tech Tidbit: No More Local Admins!
Your techs *should not* be local admins anymore. It is simply too dangerous. I have personally been a limited user on all my laptops, VMs and desktops for three years. I am living a happy life. It is time to completely eliminate this concept of “Techs are Local Admins”. It is simply too dangerous […]
Tech Tidbit: You actually have to test your equipment
We have to plan to safely ride out storms and other unforseen events I am fresh off another weekend of power issues with the big storm. It was another object lesson that it is imperative to actually test disaster recovery strategies.
Tech Tidbit: Thoughts on the Ukraine war and how it impacts you
“War, huh, yeah What is it good for? Absolutely nothing, uh-huh, uh-huh” -War by Edwin Starr The world is all looking in horror at the events unfolding in Ukraine. Our thoughts and prayers are with the people of Ukraine under siege.
Tech Tidbit: Scott’ Secret Sauce
How I manage the storm of information and how you can quickly know what I think is important. A few thoughts on how I manage the myriad of technical information I read through and how you can get plugged in real-time to what I think is important.