In February 2022, Center for Internet Security (CIS) released the Microsoft Windows Server 2022 Benchmark v1.0.0 that provides prescriptive guidance for establishing a secure configuration posture for Microsoft Windows. CIS have said about the benchmark, “This secure configuration guide is based on Microsoft Windows Server 2022 (Release 21H2) and is intended for all versions of Microsoft Windows Server 2022 operating system, including older versions.

The Department of Homeland Security (DHS) on September 16, 2022 announced a first-of-its-kind cybersecurity grant program specifically for state, local, and territorial (SLT) governments across the country with funding in the amount of $200 million for Fiscal Year (FY) 2022, $400 million for FY 2023, $300 million for FY 2024, and $100 million for FY 2025.

UNC (Universal Naming Convention) identifies servers, printers, and other resources in the UNIX/Windows Community. The name of a computer is anteceded in a UNC path by double slashes or backslashes. Local disk or directories UNC paths are separated by a single slash or backslash.

A safe and secure environment is prioritized by every type of organization and configuring some basic Group Policy Settings properly, can help in achieving this task. Also, by using Group Policies correctly a user’s computer can be protected from threats and breaches.

In this article we’ll cover what is SAM (Security Accounts Manager) and its related policy in the Network Access domain “Do not allow anonymous enumeration of SAM accounts”. The values, vulnerability, and security recommendations of this policy.

The Security Accounts Manager (SAM) is a database file in Windows operating system that comprises of usernames and passwords. The main aim behind SAM is to make our system more secure and reliable by protecting credentials in case of a data breach. Configuring SAM gives users the ability to authenticate themselves to the local machine if an account has been created for them in security accounts manager.

Transport Layer Security is a security protocol used for facilitating seamless and safe communication between servers and web browsers. Put it his way, TLS encrypts data so that only the intended recipient and the sender can access it. Currently, TLS 1.2 and TLS 1.3 are the most commonly used TLS versions. After some major upgrades, TLS’s 1.3 version has emerged as one of the most extensively used and the safest security protocols for websites that need a high-end encryption service.

In February 2022, CIS (Center for Internet Security) released the Microsoft Windows Server 2022 Benchmark v1.0.0 that includes 50+ new features, GPOs (Group Policy Objects), capabilities and services. The document offers a comparison between Server 2019 vs. Server 2022 for similarities and differences as well as similarities and differences of Windows 11 vs Windows 10.

The National Security Agency (NSA) and partner cybersecurity authorities recently released an information sheet recommending proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely. PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks.

In March 2022, PCI DSS launched a 4.0 version, which sets the operational and security standards for users. This new version is the replacement for the 3.2.1 variant. The authorities have upgraded the version to enhance security measures and help individuals and businesses handle growing security threats seamlessly. Financial companies have been sending feedback for the inefficient payment systems, due to which the PCI DSS launched a new security version PCI-DSS v4.0.