Security
-
Can Ransomware Affect an ESXi host?
A particular Reddit thread caught my attention that was posted to Twitter as of last night. The title of the thread is “Witnessed my first ESXi ransomware. Crypts VMs at datastore level“. It basically describes a nightmare scenario involving a…
-
VMware NSX Palo Alto Integration
Today’s network environments are more complex than ever before. The move to the public cloud and extending resources from on-premises to the cloud is not showing any sign of slowing down anytime soon. Business are continuing to leverage technologies in…
-
Easy Windows Server Just In Time Administration JIT
One of the core pillars of good security with Windows Server is role-based access and least privilege access to resources in your environment. One of the newer buzzwords with security related to your Windows Server environment is called Just in…
-
How to Secure RDS RDP RDSH Best Practices
Remote desktops delivered by the remote desktop protocol has received quite a bad reputation when it comes to security concerns and other vulnerabilities that come along with the RDP protocol. There have been many variants of ransomware and other malware…
-
Untangle NG Firewall 15 Released New Features
Network firewalls and firewall appliances have been an interesting subject for me the past several years working in various lab and production environments. Several years back, I had a friend that recommended a firewall solution called Untangle. It was free…
-
CIS Critical Security Controls VMware Scan with Runecast 4.1
Having the right tools to implement security and security best practices in your VMware vSphere environment is critical to a successful security posture. The recent release of Runecast 4.1 adds an additional powerful compliance check called the CIS Benchmark. What…
-
Automate CurveBall Crypt32.dll Patching
With the recent developments with CurveBall Crypt32.dll, everyone is no doubt thinking about patching their Windows environments and doing this quickly. Even if you have WSUS in play, you may want to do something a little more proactive on your…
-
Download CurveBall Crypt32.dll Patch Tuesday Security Rollup
Update 1.16.2020 – New name coined “CurveBall” for the Crypt32.dll vulnerability. Update 1.15.2020 – It appears that only Windows 10 and Windows Server 2016/2019 are affected. However, there is another RDS bug that is equally bad that affects older Windows…
-
Crypt32.dll Vulnerability Affects Hyper-V and Windows Operating Systems
Update 1.15.2020 – It appears that only Windows 10 and Windows Server 2016/2019 are affected. Also, see my post here detailing the patch hyperlinks: https://www.virtualizationhowto.com/2020/01/download-crypt32-dll-patch-tuesday-security-rollup/ If you are running Windows Server Hyper-V to power your production virtual environments as well…
-
Hypervisor Security Best Practices
When it comes to today’s modern infrastructures, most if not all are running some type of hypervisor powered virtual environment in some part of their organization. Virtualization has opened many possibilities for new features and capabilities when it comes to…