Cyber-Attacks on Critical Infrastructure of a Country- How do they happen? How should we prevent them?

Introduction: “For those on the ramparts of the world’s sole superpower, the digital winds are blowing an icy chill through the triumphant glow of the post-Cold War,” reads the tagline for the article titled “Farewell to arms,” by journalist and writer John Carlin. The article that delves into the potentially devastating effects of cyber-warfare became […]

Hunting Passwords In SYSVOL

Introduction: By default, all Windows operating systems have a built-in Administrator account which has local administrator rights for the particular system. Windows Active Directory provides centralized management for Windows systems and, as per compliance requirements, the built-in administrator name and passwords can be changed from there. This can be achieved by any of the following approaches: […]

Security Review of Microsoft DirectAccess Implementation

This article presents the key risks with DirectAccess and how to audit them. Let’s begin by first understanding the DirectAccess technology. Introduction of DirectAccess: From the Wikipedia definition, DirectAccess, also known as Unified Remote Access, is a VPN-like technology that provides intranet connectivity to client computers when they are connected to the Internet. Direct Access […]