Windows Defender Antivirus is Microsoft’s free built-in antivirus that comes installed by default on Windows Server 2016 and 2019 (since Windows 10 2004 the name Microsoft Defender is used). In…
In this article, written as a part of a series devoted to Windows security, we will learn quite a simple method for getting passwords of all active Windows users using…
Microsoft Security Baseline contains recommended settings Microsoft suggests for Windows workstations and servers to provide secure configuration and protect domain controllers, servers, computers, and users. Microsoft has developed reference Group…
The broadcast protocols NetBIOS over TCP/IP and LLMNR are used in most modern networks only for compatibility with legacy Windows versions. Both protocols are susceptible to spoofing and MITM attacks.…
In August 2020, Microsoft released an update to fix a critical Windows Server vulnerability in Active Directory — CVE-2020-1472 (more known as Zerologon) . This update was successfully installed on…
NTLM (NT LAN Manager) has been used as the basic Microsoft authentication protocol for quite a long time: since Windows NT. Although Microsoft introduced a more secure Kerberos authentication protocol…
Administrators often have to store passwords in automation scenario directly in the body of PowerShell scripts. As you know, it is extremely insecure when used in a productive environment, since…
In this article, I have tried to collect all major organizational and technical rules of using privileged / administrative accounts in the organization to improve security in the Windows network.…
In the previous article, we told that one of the ways to defending against mimikatz-like utilities is disabling the debug privilege for system administrators using Debug Program policy. However, recently…
The IT community remembered late June, 2017, due to massive infection of many largest companies and government institutions in Ukraine, Russia, Germany, France and some other countries with a new…