February 26th, 2010
As a new software release for least privilege leaves the building, it seemed an opportune time to start blogging, not to plug the release of course, click here. Alright, I’m allowed one shameless plug in my first blog given the team have worked so hard on this release. But seriously, I’m hoping that my blog will become a balance between sharing my experience in the system management space, with a bias towards least privilege, and providing valuable insights into the Privilege Guard (Edit: now Defendpoint) product.
- March 14th, 2016
Last week marked an exciting new first – ransomware on a Mac disclosed by Palo Alto who had seen it with a client. What’s simultaneously encouraging and disappointing is that it could have been prevented without detection using highly recommended best practices – application whitelisting (yes, it is possible to do whitelisting today – we do it with lots of our clients as do other providers).
- March 10th, 2016
Locky is the latest in an ever increasing range of ransomware threats used by cyber criminals in an expanding and increasingly lucrative market. . What makes Locky special is that it appears to have come from the same group behind several large Dridex campaigns showing that they are possibly diversifying their range of attacks.
- December 15th, 2015
As discussed in my last blog the issue of unquoted paths for services has been around for over 15 years. Despite this there is another potential privilege escalation with unquoted paths which doesn’t get as much coverage, these are Scheduled Tasks.
- December 4th, 2015
Here at Avecto we believe that security products should be secure by design, meaning that they are designed from the ground up to be secure. A key principle is that you should be able to share details of the design without compromising its security, as opposed to security by obscurity, where you are reliant on keeping the solution secret to prevent a compromise.
- August 6th, 2015
Windows 10′s security overhaul offers a lot but beware its complexities and limitations
With the arrival of Windows 10 in late July, businesses must once again pose many of the same questions that presented themselves at the time of the launch of Windows 8 in 2012, Windows 7 in 2009 and, for those with long enough memories, Windows XP in 2001.