Microsoft is pleased to announce the final release of security baseline settings for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11. Some of the highlights of the new security baselines (many of which we intend to backport to older versions of Windows and IE):
  • Use of new and existing settings to help block some Pass the Hash attack vectors;
  • Recommendations to control the storage of plaintext-equivalent passphrases;
  • Blocking the use of web browsers on domain controllers;
  • Incorporation of the Enhanced Mitigation Experience Toolkit (EMET) into the standard baselines;
  • Removal of the recommendation to enable "FIPS mode" (this is discussed in greater detail in this blog post: Why We’re Not Recommending “FIPS Mode” Anymore);
  • Removal of almost all service startup settings, and all server role baselines that contain only service startup settings.

Source : Microsoft Security Guidance

Read More
We have made a small number of changes in the baseline security guidance for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 since we released the beta version of our guidance last April. This blog post discusses those changes and the reasons for them.

Source : blogs.technet.com/b/secguide

Read More
Microsoft released the new Sysinternals tools, Sysmon, which allows you to monitor Windows process creations, file creation time changes, and network connections in the Windows Event Log.

Source : 4sysops.com

Read More
Many online articles suggests using the MakeCert.exe tool available in the Windows SDK for creating a self-signed certificate, but now there is an easier approach available.
New-SelfSignedCertificate-DnsNametest.powershellmagazine.com-CertStoreLocationcert:\LocalMachine\My

Source : PowerShell Magazine » #PSTip Generating a self-signed certificate

Read More
Next PostNewer Posts Previous PostOlder Posts Home