Working from home with VeeamPN

Hi, at the moment, the trend is for VPNs. So much the better because VPN is a best practice (security habit to build), especially in businesses. If your sent all your employees home and they are now struggling with your corporate network access, but you don’t have time or knowledge to build, optimize and maintain your own VPN infrastructure, Veeam PN to the rescue (working from home with Veeam PN Blog Post).

Continue reading

Fix KB4551762 for the vulnerability in the SMBv3.1.1

Hi, yesterday, Microsoft has released a patch for a vulnerability in the SMBv31.1 (CERTFR-2020-ALE-008 / CVE-2020-0796) protocol that accidentally leaked online earlier this week during the March 2020 Patch Tuesday preamble. Updates a Microsoft Server Message Block 3.1.1 protocol issue that provides shared access to files and printers. The KB KB455176 is an update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

Continue reading

Office 365 MitM attack and Varonis protection

Last week, I had the opportunity to participate in a live session in French as official Speaker Varonis about Security, Data Protection & Governance as Varonis Elite member at SECURE IT DAY 2020 with Pierre-Antoine FAILLY (Security Architect – Varonis). We are seeing an uptick in adversaries using a very tricky Man-in-the-Middle (MitM) attack to bypass MFA and breach Office 365 tenants. So, during the session, we have shown how an attacker obtains access to SharePoint Online using a phishing attack.

Continue reading

Step by Step Guide Veeam B&R 10 Upgrade

Two weeks ago, Veeam released Veeam Backup and Replication 10, which contains some significant improvements: NAS Backup support, Data Integration API new feature, Linux Backup proxy support and others… This build is fully supported by Veeam technical support, who is standing by to assist all early adopters. Veeam B&R Update 4b was be the last version 9.5 build. If you missed the launch event, you can watch the recording here. Veeam did a bunch of live demos to show off new v10 capabilitie. You can learn more about Veeam Backup and Replication v10 new features here.

This technical article provides a step by step guide to upgrade Veeam B&R 9.5 Update 4b (build to Veeam B&R 10 build be version (Veeam Backup and Replication 10 Upgrade). If you need to upgrade your Veeam Backup Server (v9) you can follow this article.

Continue reading

Hardening settings for Domain Controllers

Hi! Basically, default settings of Domain Controllers are not hardened. Every DC has by default the “Default Domain Controllers Policy” in place, but this GPO creates different escalation paths to Domain Admin if you have any members in Backup Operators or Server Operators for example. They can become Domain Admin. Start with replacing the “Default Domain Controllers Policy” and replace it with a new GPO that is more security-focused.


Continue reading