Calcom Blog

New Posts

Misconfiguration and Inadequate Change Control is a Top Threat to Cloud Computing

top threats cloud computing

The Cloud Security Alliance (CSA) published its annual report for top threats, risks, and vulnerabilities in the cloud for 2019.   The CSA is a world-leading organization dedicated to establishing best

Read Post

The Policy Expert: Network security: LAN Manager authentication level

Policeman emoji isolated on white background, cop emoticon 3d rendering

NTLM attacks are especially relevant to Active Directory environments. One of the most common attack vectors is NTLM Relay, where the attacker compromises one machine and then spreads laterally to other

Read Post

October’s NTLM MIC vulnerability

Retro golden microphone for press conference or interview on table front gradient mint green background. Vintage old style filtered photo

Another vulnerability was recently found in IIS server NTLM protocol, exposing the targeted server to a relay attack. This vulnerability joins several other vulnerabilities discovered by the Preempt research team. Given

Read Post

Automating IIS Hardening with PowerShell

Compass, Arrow, Quality, Business, Compliance, white background

IIS is a popular choice of a web server. Hosted on Windows Server, IIS allows organizations to host serve up websites and services of all kinds. But due to its popularity

Read Post

The policy expert- RDS: Require user authentication for remote connections by using Network Level Authentication (NLA)

Policeman emoji isolated on white background, cop emoticon 3d rendering

POLICY DESCRIPTION: This policy setting allows you to specify whether to require user authentication for remote connections to the RD Session Host server by using Network Level Authentication (NLA). This policy

Read Post

NTLMv1 or NTLMv2? Does it even matter?

Young handsome man wearing glasses over isolated background Smiling showing both hands open palms, presenting and advertising comparison and balance

NTLM is Microsoft’s old mythological authentication protocol. Although new and better authentication protocol has already been developed, NTLM is still very much in use. Basically, even the most recent Windows versions

Read Post

Mitigating relay NTLM remote code execution vulnerability

microsoft_ntlm

The Preempt research team found two critical vulnerabilities in Microsoft, sourced in three logical flaws in NTLM, Microsoft’s authentication protocol. The vulnerabilities potential outcome is allowing remote execution of malicious code

Read Post

The policy expert- RDS: Do not allow supported Plug and Play device redirection

Policeman emoji isolated on white background, cop emoticon 3d rendering

POLICY DESCRIPTION: This policy setting allows you to control the redirection of supported Plug and Play devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services

Read Post

DejaBlue? Not again!

Shot of a young businessman experiencing stress during late night at work

Microsoft published seven new Windows vulnerabilities sourcing, again, in the Remote Desktop Protocol (RDP). Like the name hints, DejaBlue, similarly to BlueKeep has the potential to create a worm that my

Read Post

Understanding Capital One Breach

hacker stealing credit cards datas , money and password from laptop in office

Major security breached to Capital One database resulted in 140,000 Social Security numbers, 80,000 bank account numbers and compromised one million Canadian Social Insurance numbers. Breach’s costs are expected to be

Read Post