@gjacobse said in ManageEngine: Desktop Central - MFA:

@scottalanmiller

It is a gas soaked bonfire waiting for a match.

Fixed that for you.

@stacksofplates said in Experience with NDR Solutions:

Why is Sally accessing this service from a non work computer at 3 am her time with a chinese IP address? Sure this request has the password but that doesn't sound valid.

Which means you can automatically perform additional validation with MFA, or straight up deny access.

There's a lot of options really. You can only allow access to certain systems and/or services via company devices enrolled in MDM, with up to date OS, encryption, and endpoint protection. You can verify endpoints and users with passwordless auth via Beyond Identity and in certain cases use additional MFA via Duo or whatever you want to set up.

Sally is trying to log in to her company email. She's authenticated via passwordless auth via Beyond Identity on her work computer. Her work computer passes the health check seamlessly through BYID and allows her to access her email. Maybe she's also prompted for MFA always, or maybe only if she's logging in outside her normal geographic area on her work computer. Maybe (e.g. email) access is denied totally if from a non-company device. Options...

@JaredBusch Yup, and they want to do a audit of devices using a deployment tool that is not even a Microsoft one.

@Dashrender said in Zoho Mail has new secure sending option:

@Pete-S said in Zoho Mail has new secure sending option:

@Dashrender Good to know.

One purpose of the OTP is that you can't forward the email and have another person read it.

Not directly forward - sure, but you could screen shot it and forward that to someone.

I assume the OTP is more so that people don't have to create accounts in the Zoho system.

It looks like Zoho had the forwarding thing specifically in mind since they mentioned that on their website. A lot of people will forward messages without thinking about the sensitive information that is usually longer down in the mail. I've seen that a lot when I get emails forwarded to me with information that is clearly not intended for me.

In the MS system you have to create an account, same goes for Zix, even if you will only ever read this one message on that system.

Yeah, I hate that. It's just to get more users. I love OTP though.

I'll have to check how these secure feature works with sending huge mail attachments as well. Haven't tried it yet.

@dafyre Connection closed by foreign host after a couple seconds lol

@fredtx This is really GoDaddy breached. That they were running WordPress is kind of an aside.

@scottalanmiller said in Technologies Begging to be Ransomwared:

@dashrender said in Technologies Begging to be Ransomwared:

FYI - my experience in all of this is through the use of shares - so if shares aren't enabled.. then I'm guessing you're probably correct due to configuration.

Shares aren't on by default. But even when they are, nothing is shared out that a local non-admin user could access.

Yeah, and this is ultimately what saves you - OK now we're on the same page.

Thanks

@JaredBusch Did you ever find a product that you liked for this?

I am looking for 1 PoE outdoor camera for the front of my house. I ran the Cat6 line years ago and I just need to buy the camera now.

@scottalanmiller said in Anyone used Infection Monkey?:

@ambarishrh I meant that YOU should make one.

I'm too subtle, I guess.

lol! Yes, will make one for sure! Just need to test it on a lab and see how it goes. Its an interesting project 🙂

@DustinB3403 said in Solarwinds Blames Intern for Laughable Password:

@scottalanmiller said in Solarwinds Blames Intern for Laughable Password:

@IRJ said in Solarwinds Blames Intern for Laughable Password:

They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

You mean like how the government hires Solarwinds?

I have a client that uses at least one solar wind product and I shudder....

Me too.

@DustinB3403 said in Microsoft Hid Known Vulnerability According to Senator:

@scottalanmiller said in Microsoft Hid Known Vulnerability According to Senator:

@Dashrender said in Microsoft Hid Known Vulnerability According to Senator:

you're saying that they can't ever be wrong in their releases?

No, I'm saying that whether right or wrong is irrelevant. That it happened is what matters. Deciding if it happened accidentally or on purpose is a different discussion. Things that happen on accident doesn't make them not have happened.

Like teen pregnancy....

LOL, exactly.

@Obsolesce said in Active Directory - User Attribute RFID/HID Badge:

@DustinB3403 said in Active Directory - User Attribute RFID/HID Badge:

@Dashrender I'm a 3rd party to the end customer here. Acting as the middle man as the customer's IT department wanted to engage outside support to try and vet different products.

I candidly told the customer that while this product will work, it won't work with all of the features they want without some substantial changes to their infrastructure and that the support (at least from this vendor) is pretty awful.

The simple approach here is to not integrate RFID/HID's to the system and simply use the AD Integration with the built-in QR codes that each member is assigned.

Just because something may be supported, doesn't imply that it is support.

Except in this case the vendor very clearly has stated they support you adding custom attributes within AD.

https://www.zdnet.com/article/microsoft-weve-open-sourced-this-tool-we-used-to-hunt-for-code-by-solarwinds-hackers/