Microsoft SharePoint enables users to share files with coworkers in just a few clicks. However, external sharing is just as easy— which puts the security of your sensitive data at risk. To help you control external sharing of files and folders without interfering with legitimate collaboration, this article details the external sharing settings available in the Microsoft administrative interfaces and offers best practices for configuring them.

HTTPS is the standard method for internet communications that transmit sensitive data. The TLS protocol is the backbone of HTTPS, encrypting connections so transmitted information can’t be intercepted or modified. HTTPS should also be used with local web applications that transmit sensitive data. This includes NetApp servers, since external applications and users need to authenticate, authorize and transfer data with the NetApp ONTAP operating system.

In this blogpost, we will take a close look at file access auditing on an EMC Isilon file system by leveraging native technologies. We will walk through the configuration process and explore the common challenges faced when working with the resultant audit logs.

Amazon Web Services (AWS) is the world’s largest cloud provider, with well over a million active users. The popularity of AWS makes it one of the biggest targets for cybercriminals — and one of the leading contributors to breaches is incorrectly configured Amazon S3 buckets. For example, an insecure bucket led to the unauthorized access of 23 million documents and 6.5 TB of data belonging to Pegasus Airlines.

Data lifecycle management (DLM) is the process of safeguarding data appropriately throughout its existence. The basic data lifecycle stages are creation, storage, data usage, sharing and destruction: Figure 1. The 6 basic data lifecycle management stages The goal of DLM is to ensure data security and regulatory compliance during all stages without throttling business productivity. Achieving this goal requires different processes and policies at various times during the data lifecycle.

Whether you realize it or not, service accounts represent a major risk to your data security. This article explains the fundamentals of service accounts and how attackers can exploit them so you can prevent yours from being compromised.

Mimikatz provides attackers with several different ways to steal credentials from memory or extract them from Active Directory. One of the most interesting options is the MemSSP command. An adversary can use this command to register a malicious Security Support Provider (SSP) on a Windows member server or domain controller (DC) — and that SSP will log all passwords in clear text for any users who log on locally to that system.

Complex cyberattacks dominate the headlines, making breaches seem sophisticated. In reality, most hacks are unbelievably simple and involve attackers targeting well-known configuration security gaps. In fact, cyberattacks are rather common. According to IBM, 83% of companies have experienced more than one breach while in operation.

The Active Directory linked attribute is a special type of Active Directory attribute that is used to describe relationships between objects. This post explains what linked attributes are and how they work.

If you’re after a toolkit to own Microsoft SQL Server from end to end, what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise and own just about any SQL system. It’s the whole kill chain in one tool. This article details how to perform the critical attack steps using PowerUpSQL.