Posted by on

Many things are changing in the world right now, and technology is no exception.  As usual, we are spending a lot of time on R&D, training, and investigating new technology.  Why do you care?  Because we see certain technologies being key enablers for our clients moving forward.  We’re already using most of these technologies (accelerated by WFH), and many clients are rethinking the way they want to work.  

If you don’t know about these key enablers, you should, because they are disruptive technologies.  We’ll give you a primer here, with the “why” for each.  

WhatWhy
Azure ADEnables security in a WFH, cloud-first workplace 
IntuneAutomatic software deployment, enforcement of company IT standards, mobile device security 
AutopilotAutomatic setup and configuration of new computers, anywhere 
SharePointFile sharing without a server, simultaneous document editing 
OneDriveEasy access to SharePoint and backup of local documents 
TeamsTeam chat, meetings, calls, and collaboration 
Microsoft 365 Business VoicePotentially disruptive extension to teams calling and traditional business phone systems 

Many of these features are things you’re already paying for, and others present minimal additional cost.   Read more...


Posted by on

used with permission from Microsoft Secure, by Michael Melone, Principal Cybersecurity Consultant, Enterprise Cybersecurity Group

Earlier this year, the world experienced a new and highly-destructive type of ransomware. The novel aspects of WannaCry and Petya were not skills as ransomware, but the combination of commonplace ransomware tactics paired with worm capability to improve propagation.

WannaCry achieved its saturation primarily through exploiting a discovered and patched vulnerability in a common Windows service. The vulnerability (MS17-010) impacted the Windows Server service which enables communication between computers using the SMB protocol. Machines infected by WannaCry propagate by connecting to a nearby unpatched machine, performing the exploit, and executing the malware. Execution of the exploit did not require authentication, thus enabling infection of any unpatched machine.

Petya took this worming functionality one step further and additionally introduced credential theft and impersonation as a form of worming capability. These techniques target single sign-on technologies, such as traditional domain membership.  Read more...