SpireTech Blog - Tag: Azure

Many things are changing in the world right now, and technology is no exception.  As usual, we are spending a lot of time on R&D, training, and investigating new technology.  Why do you care?  Because we see certain technologies being key enablers for our clients moving forward.  We’re already using most of these technologies (accelerated by WFH), and many clients are rethinking the way they want to work.  

If you don’t know about these key enablers, you should, because they are disruptive technologies.  We’ll give you a primer here, with the “why” for each.  

Many of these features are things you’re already paying for, and others present minimal additional cost.   Read more...

used with permission from Microsoft Secure, by Michael Melone, Principal Cybersecurity Consultant, Enterprise Cybersecurity Group

Earlier this year, the world experienced a new and highly-destructive type of ransomware. The novel aspects of WannaCry and Petya were not skills as ransomware, but the combination of commonplace ransomware tactics paired with worm capability to improve propagation.

WannaCry achieved its saturation primarily through exploiting a discovered and patched vulnerability in a common Windows service. The vulnerability (MS17-010) impacted the Windows Server service which enables communication between computers using the SMB protocol. Machines infected by WannaCry propagate by connecting to a nearby unpatched machine, performing the exploit, and executing the malware. Execution of the exploit did not require authentication, thus enabling infection of any unpatched machine.

Petya took this worming functionality one step further and additionally introduced credential theft and impersonation as a form of worming capability. These techniques target single sign-on technologies, such as traditional domain membership.  Read more...