Phone Number +1-202-802-9399 (US)

Thycotic’s CyberSecurity Publication

POPULAR CATEGORIES

Filter by Tags: 

Articles in the ‘Free How-To Tech Advice’ Category

An ethical hack reveals endpoint security vulnerabilities

January 5th, 2021

“Know thy enemy and know yourself; in a hundred battles, you will never be defeated.” ~ Sun Tzu, The Art of War Sun Tzu’s advice is as applicable in cyber security as it is in battle. He warns, “When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant…


Hardening Windows Endpoints Against Cyber Attack: Part II

December 30th, 2020

In Part I of the blog series, Hardening Windows Endpoints Against Cyber Attack, I covered the first three steps of an ethical hack. Step 0: Pre-Engagement Step 1: Passive Recon Step 2: Active Recon Now the run really begins. In this blog post, you’ll learn how to put all the knowledge you gained during the…


A look behind the scenes of a Wi-Fi Hack: What are the secrets?

December 29th, 2020

You snag a seat at your local café and open your laptop. Maybe you’re on the patio, grateful for the heater. The scent of coffee powers up your brain. The low hum of people chatting is welcome, after months of isolation. The logon page appears as you search for the Wi-Fi in your settings. Despite…


Least Privilege Examples, as told by the Three Ghosts of “A Christmas Carol”

December 24th, 2020

With the holiday season upon us, it’s a good time to settle down with a beloved story. I re-watched the Charles Dickens classic, A Christmas Carol, the other day (well, actually it was Scrooged with Bill Murray, of course) and found myself thinking about the parallels with cyber security. Really, I did. In the story,…


Hardening Windows Endpoints Against Cyber Attack: Part I

December 22nd, 2020

To secure Windows endpoints against cyber attacks, it helps to think like a cyber criminal. Cyber criminals look for the cheapest, fastest, stealthiest way to achieve their goals. Windows endpoints provide many opportunities to gain entry to IT environments and access to sensitive information. As part of the ethical hacking community, my ultimate goal is…


How to Protect Your macOS Endpoints with Shift from KEXT to SYSEX

December 3rd, 2020

Cue music: Ch-Ch-Cha-Changes In recent macOS releases, Apple has been drawing attention to third-party software that uses technology like kernel extensions and system extensions. This technology allows users to install components or apps that extend the native capabilities of the macOS operating system. Apple’s deprecation of kernel extensions (KEXTs) and introduction of Endpoint Security Enabled…


Checklist: 9 Cloud Security Best Practices Your Organization Should Follow

December 1st, 2020

Transitioning to the cloud is one of the most significant technology shifts your company will face. Last year, over 80% of organizations operating in the cloud experienced at least one compromised account each month, stemming from external actors, malicious insiders, or unintentional mistakes. The specifics of cloud security activities may vary depending on your cloud…


Every system is a privileged system: Incorporating Unix/Linux in your privilege management strategy

November 24th, 2020

Lately we’ve been banging the drum that “every user is a privileged user,” meaning privileged users aren’t limited to system administrators but also include business users with access to applications and endpoints linked to critical business data and functions. The second verse to that refrain is that “every system is a privileged system.” Within your IT environment,…


How to Expedite Discovery of Service Accounts for Onboarding into Service Account Governance

November 17th, 2020

Service accounts, by their nature, can take on a life of their own. They’re rarely tied to a human owner if managed at all, so service account sprawl takes over and organizations’ privileged account attack surfaces can expand almost beyond measure. And with almost all medium to large organizations unable to pull service accounts into…


Remote Worker Security: The Risks, Challenges, and Solutions

October 20th, 2020

The concept of working remotely, or granting remote access, isn’t anything new for most IT professionals. Most organizations have embraced a remote workforce, be it their own employees, contractors, consumers, business partners, and managed service providers. What does “working remotely” mean today? For IT professionals, remote access had been thought of as performing your job…