Calcom Blog


The different stages of a PowerShell attack


PowerShell is a scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. Although it was developed for


PowerShell- risk factor or risk mitigator?


PowerShell is a scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks. PowerShell was launched in 2006


CMMC, NIST 800-171, AND SERVER HARDENING- PART 2


In January 2020 the Department of Defense (DoD) published the Cyber Maturity Model Certification (CMMC) framework to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). According to the DoD,


CMMC, NIST 800-171, and server hardening- Part 1


In January 2020 the Department of Defense (DoD) published the Cyber Maturity Model Certification (CMMC) framework to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). According to


IIS: Ensure ‘deployment method retail’ is set


This configuration is important both for the performance and the security of the production environment. Performance-wise, you can set the <deployment retail> to true in order to ensure that no


How can hardening protect against WastedLocker


WastedLocker has been around since May 2020, causing enormous damage to many organizations, some of them part of the US Fortune 500. The last highly mentioned in the media WastedLocker


Automation in server hardening- essential, or a buzz word?


Everything around information security is becoming automated nowadays, but not all automations are born equal. For some processes, automation can be beneficial. But for others, it can be an empty buzz


SIGRed- the new severe security flaw in Microsoft DNS servers


Microsoft published a new CVE, CVE-2020-1350, warning about a new critical vulnerability in their DNS servers. The vulnerability was discovered by Check Point’s research team and was already addressed with


What Can You Do to Prevent a GPO Attack?


Group Policies are part of every Active Directory. GP is designed to be able to change every system’s configurations, from the least to the most privileged layer. Since it is so fundamental in


How to use IIS Request Filtering Rules to Block SQL Injection attacks


An organization’s database is an important asset, making it very attractive for attackers to target. SQL Injection is one of the most well-known and painful attack vectors used against organizations’ databases.


IIS: Ensure TLS 1.0 is disabled- The Policy Expert


Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication between web browsers and servers. It is used in almost every app nowadays. Many IP-based protocols such as


Domain controller: LDAP server signing requirements


LDAP signing increases security in communication between LDAP clients and Active Directory domain controllers. LDAP signing is a Simple Authentication and Security Layer (SASL) feature, as part of the LDAP protocol


RDS: Do Not Allow Drive Redirection


POLICY DESCRIPTION: This policy specifies whether to prevent the mapping of client drives in a Remote Desktop Services session. By default, an RD Session Host server maps client drives automatically


RDS: Do not allow LPT port redirection


Short for line printer terminal, LPT is used by IBM compatible computers as an identification for the parallel port, such as LPT1, LPT2, or LPT3. The LPT port is commonly required when installing a printer


RDS: Do Not Allow COM Port Redirection- The Policy Expert


COM port is the name of the serial port interface on IBM PC-compatible computers. It can refer not only to physical ports but also to emulated ports, such as ports created by Bluetooth or USB-to-serial adapters. POLICY DESCRIPTION: This


Restrict NTLM: Audit Incoming NTLM Traffic- The Policy Expert


NTLM is Microsoft’s old mythological authentication protocol. Although a new and better authentication protocol has already been developed, NTLM is still very much in use. Basically, even the most recent Windows versions


LAN Manager authentication level- The Policy Expert


NTLM attacks are especially relevant to Active Directory environments. One of the most common attack scenarios is NTLM Relay, in which the attacker compromises one machine and then spreads laterally


RDS: Require user authentication for remote connections by using Network Level Authentication (NLA)- The policy expert


POLICY DESCRIPTION: This policy setting allows you to specify whether to require user authentication for remote connections to the RD Session Host server by using Network Level Authentication (NLA). This policy


RDS: Do not allow supported Plug and Play device redirection- The policy expert


POLICY DESCRIPTION: This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services

