security Archives - Page 3 of 4

1 May 2020

Active Directory: Group and Membership Changes – Windows Event IDs, Auditing, Splunk (Bonus: Security Events for Investigation, Audit)

By Michael Yuen @yuenx|2023-03-08T11:21:04-08:00May 1, 2020 - Friday|Security, Technology|

Read: 13 mins. How do you find out who made a change to an Active Directory or Builtin Local Group? Which users were added to or removed from a group? When was a group deleted? In this post, we look at Group and Membership change Event IDs, and explore how to use Splunk to find relevant information to aid in your investigations.

24 Apr 2020

Cisco Umbrella: SSO Login Issues

By Michael Yuen @yuenx|2022-10-12T12:13:24-07:00Apr 24, 2020 - Friday|Microsoft 365, Networking, Security, Technology|

Read: 6 mins. We have recently enabled Single-Sign On (SSO) for our Cisco Umbrella dashboard and had to convert the existing, non-SSO accounts to use SSO. What should have been a straight-forward process was greeted with login issues and an inexplicable association with the OpenDNS dashboard. Here is how we secured the accounts and got SSO to work for each of them.

14 Apr 2020

MS Teams: Who Recorded The Meeting? Who Downloaded a Copy of The Recording?

By Michael Yuen @yuenx|2021-05-18T21:30:26-07:00Apr 14, 2020 - Tuesday|Microsoft 365, Security, Technology|

Read: 3 mins. A sensitive, internal meeting was held within Microsoft Teams, and someone had accidentally recorded it. The organizer was extremely unhappy when nobody admitted to it, particularly since any attendee was able to download a copy of the recording. An urgent request to the Office 365 and Information Security teams was put out to investigate. How did we go about in doing so?

15 Mar 2020

Review: HP LaserJet Pro M404dw

By Michael Yuen @yuenx|2021-06-26T22:55:54-07:00Mar 15, 2020 - Sunday|Product Reviews, Reviews|

Read: 4 mins. HP is a leader in business-class printers with its LaserJet Pro series of devices. The new M404 series is no slouch and has become our primary, paper output option at home. For businesses, this new entry includes some excellent, security-focused features.

11 Mar 2020

FortiManager: CA-Signed Web Admin Certificate

By Michael Yuen @yuenx|2023-10-20T11:37:20-07:00Mar 11, 2020 - Wednesday|Networking, Technology|

Read: 2 mins. FortiManager uses a self-signed, untrusted "Fortinet_Local" certificate by default. Here is how to request and implement a CA-signed one so the "Your connection isn't private"/"This site is not secure" error thrown by your browser goes away.

26 Sep 2019

Active Directory: Account Lockouts – Find Source/Cause (Bonus: Account Modifications)

By Michael Yuen @yuenx|2024-04-13T00:28:08-07:00Sep 26, 2019 - Thursday|Security, Technology|

Read: 22 mins. A Windows account keeps getting locked out and breaks a business-critical application that is responsible for a large volume of revenue. Angry customers have called into customer service to complain, and your manager has asked you for help. How do you find the source for the lockouts? Here is a comprehensive guide to aid you with resolving the issue. BONUS: Look up when an account was modified, disabled, enabled, unlocked, or had its password reset -- and by whom

Previous 1 234 Next