user149408 – WindowsTechs.com

Is loss of availability automatically a security incident?

Posted on September 3, 2024 by user149408

Suppose you need to define for an organization what should be considered an information security incident which, when observed, triggers security incident response (investigate, contain, eradicate, recover – details of which might also nee… Continue reading Is loss of availability automatically a security incident?→

Prevent subscription ID guessing

Posted on April 23, 2020 by user149408

I am working on a service which offers information on the road traffic situation.

Users can subscribe to the service via an API, indicating the area and road classes they are interested in, and are assigned a subscription ID. With the sub… Continue reading Prevent subscription ID guessing→

Best practices for vulnerability patching periods?

Posted on September 23, 2019 by user149408

I was wondering if there are any general recommendations on maximum resolution times for vulnerabilities.

Consider a vulnerability/patch management process where a ticket is opened when a vulnerability is reported/detected. … Continue reading Best practices for vulnerability patching periods?→

Repercussions on Google account used to access a compromised service

Posted on May 27, 2019 by user149408

Suppose the following scenario:

A cloud service reports a breach in which user account information (usernames and password data, e.g. password hashes) was accessed.
The attacker has sufficient resources to recover passwords… Continue reading Repercussions on Google account used to access a compromised service→

Good practices for protecting a machine certificate against extraction

Posted on August 13, 2018 by user149408

Consider the following scenario:

You are providing VPN access for a number of machines running Windows 10.
The machines are configured and hardened according to company standards.
You rely on machine certificates for authen… Continue reading Good practices for protecting a machine certificate against extraction→

Pros and cons of installing security updates automatically?

Posted on April 7, 2018 by user149408

I recently got into a discussion regarding automatic installation of security updates. The system is used and managed by a small nonprofit organization—essentially one or two admins managing the system in their free time. The… Continue reading Pros and cons of installing security updates automatically?→

Ransomware-resilient Linux Samba file server

Posted on November 20, 2016 by user149408

Imagine the following scenario:

Files are kept on a Linux server and clients access them via Samba.
One of the client machines gets infected with ransomware, which encrypts everything within the logged-on user’s reach, incl… Continue reading Ransomware-resilient Linux Samba file server→