Block AppData, Temp and hardening Office by GPO

24 בMay 2017

Hi everyone, these days are the hardest days we have been experiencing, so many attacks, some security breaches we found. accordingly, I want to share with you the policies you have to deploy and the highlight you have to take under your consideration for implementing. Let's begin because we have a lot of work! Due to CryptoLocker, we need to ensure that we block the possibility to run executable files on Temp and AppData folders. We can disallow it to any user and prevent to run execution file or 7z, RAR, Wz, files on App data by creating a new “Addition Rules” policy in Group Policy, * Make...
תגיות:
אין תגובות

How to configure Credential Guard Windows 10

20 בMay 2017

How to configure Credential Guard Windows 10 I would like to show you how to configure credential guard in Windows 10, the Credential guard is one of the major security features that comes with Windows 10, Credential Guard protects us against hacking and obtaining of credential in Windows, undoubtedly, you have heart about Mimiktaz tool, which can obtain your password as clear-text simply by perform pass-the-hash, pass-the-ticket or build Golden tickets. You know what, don't say I am not a friend, let’s demonstrate you a couple of actions with Mimiktaz. Download the tool from Google, it is available for anyone. - Make sure AV...
תגיות:
תגובה אחת

Prevent downloading attachments through OWA

16 בMay 2017

Hi Guys, I want to show you beneficial settings you might configure on your Office 365, considering we use in Office 365 we are limited to harden Office 365, and looking for any way to secure Office 365 capabilities and harden users experience, thereby today I want to present you how can we prevent from user downloading attachments from OWA in Office 365 and preventing information leakage out. Go to Office 365 to Permissions and then "Outlook Web Polices" then click on + Then, uncheck the "Direct File Access": further, you can enable files viewing: Then, assign the new policy to the particular mailbox: Probably you...
תגיות:
אין תגובות

Windows Server 2016 RDP tuning

10 בMay 2017

last Saturday I read Windows Server 2016 turning about that have written by Philip Steele and Liza Poggemeyer both guys have been done an amazing job! I was so glad to introduce rich details which could be effective for your as well. According to their best practice, there are several changes we have to do into.RDP file which can reduce RDSH performance. So, before deploying by GPO the RDP shortcut please following the followings points: Open the RDP file as TXT and edit the file, then add the following values: wallpaper:i:0- won't redirect the wallpaper on TS side. drag:i:1 - this value reduces bandwidth...
תגיות:
אין תגובות

How to create catch all Office 365

7 בMay 2017

How to create catch all in Office 365 Hi Everyone, in this article I would like to show you how can we catch any mail that delivers to our domain, Even if the SMTP of the recipient is invalid or not existing. The purpose is to learn sender’s behavior toward my domain and catching mails. You can create a mailbox that will contain all emails that were sent by mistake or were misspelled/misaddressed and track there the traffic. Please note that NDR won’t send to the second side and it is not applicable for Hybrid & Co-existence environments, likewise, Microsoft Office 365 Support team not...
תגיות: ,
אין תגובות