Phishing with the Sharks Using the Attack Simulator

Hello, Paul Bergson back again. It is late fall and once again playoff time for High School and Collegiate volleyball. Women’s volleyball in Minnesota is a big deal and I have played and coached for over 30 years and I have a lot of great memories with my friends and family in this sport. One… Read more

Cryptojacking – Leeches of the Internet

Hello, this is Paul Bergson again with another topic on security. The threat of malware continues to impact business with no relief in sight. The latest topic brought back childhood memories of how the “Leeches” of the internet prey upon unsuspecting victims. It has been a beautiful summer in the Minneapolis, MN area this year… Read more

CredSSP, RDP and Raven

Welcome to another edition of AskPFEPlat, this is Paul Bergson and Graeme Bray bringing up the topic of CredSSP when in use with the Remote Desktop Protocol. This topic became an internal discussion around Premier Field Engineering and customers like you as to how this would impact accessing systems via RDP starting in May. This… Read more

Retire Those Old Legacy Protocols

Hello Paul Bergson back again, and I wanted to bring up another security topic. There has been a lot of work by enterprises to protect their infrastructure with patching and server hardening, but one area that is often overlooked when it comes to credential theft and that is legacy protocol retirement. These legacy protocols were… Read more

Security Updates from the Win10 Fall Creators Update

Hello, Paul Bergson, back with some great new information regarding the recent release of Fall Creators Update (FCU) for Windows 10, Microsoft released some great new security features that can protect you from unwanted Malware. I have heard from customers on multiple occasions that their customers are doing just fine with their desktop operating system,… Read more

Protecting Domain Administrative Credentials

Hello, Paul Bergson back again with today’s topic of preventing your Domain Administrators and other privileged identities from logging into Tier 1 and Tier 2 devices. Credential theft protection is always an important step in protecting the enterprise. While your administrators are your most trusted employees within the IT enterprise, they may not always use… Read more

Windows 10 Memory Protection Features

Hello, Paul Bergson back again with a discussion on the newly built-in memory protection features provided in Windows 10 and Windows Server 2016. I refer to Win10 throughout the document, but this is just for brevity sake. For a complete discussion on how to “Migrate threats by using Windows 10 security features” please see the… Read more

Securing Credentials for Privileged Access

  Hello, Paul Bergson back again. I have been on the road a bit more than normal doing security training/POC deliveries (POP-SLAM *1) for our customers related to Pass-the-Hash and credential protection. I have noticed an alarming trend in how credential protection is thought to resolve a customer’s credentials from being compromised. Enterprises that are… Read more

A Bit About the Windows Servicing Model

Hello, Paul Bergson back again with a discussion on the upcoming changes to our monthly patch releases to align down-level supported operating systems, updating practices to coincide with the Windows 10 Service Model. This includes Windows 7/8/8.1 and Windows Server 2008 R2/2012/2012R2. “From October 2016 onwards, Windows will release a single Monthly Rollup that addresses… Read more

AppLocker – Another Layer in the Defense in Depth Against Malware

Hello, Paul Bergson here with a discussion on Security in particular utilizing Microsoft’s AppLocker to help prevent the infection of Malware. Ransomware has been getting a lot of attention. There have been several high profile attacks in the press over the past few months and Understanding the Risk is important. If people don’t understand the… Read more