Category: Security

Great new feature for O365 – reduce the amount of successful phishing attempts

As I wrote in my blogpost back in March, phishing is an attack concept where an attacker usually contacts a victim pretending to be from a trustworthy source to get information that they shouldn’t have gotten if they used their real identity. When an attacker targets specific individuals or groups within an organization the phishing method…



Varonis DatAdvantage – Verify continuous communication with all domain controllers

When you are using Varonis to monitor your environment it’s important to make sure that you don’t miss any critical events. One weakness in the current version of Varonis that I found out about is that you won’t get any notification if the event collection from one domain controller stops to work and you will…



Netscaler – Configure Kerberos Authentication + LDAP Group/Attribute Extraction to achieve SSO for internal users

SSO to Netscaler hosted web services for internal users: A request we receive from time to time from our Netscaler customers is that they would prefer internal users (users connected to the company’s LAN/Wifi or through VPN) to automatically get SSO when they browse to a load balanced web system (https://sharepoint.mycompany.com). One way of doing…



Netscaler – Customizing messages when using “Enhanced authentication feedback” with RfWebUI Theme

Some customers want to be able to provide more feedback to users when, for some reason, their logon to Netscaler fails or if the new password they specify during password change does not meet the AD’s password complexity requirements. Citrix has published the article https://support.citrix.com/article/CTX223404 that specifies how you can customize the message strings. However,…



Level up your incident response with DatAlert and Varonis

Varonis offers a great product that can be used for threat detection and response. It will help you identify and handle security incidents faster and more effective and it’s called DatAlert. In this blog post I’m going to discuss some of its features. With the DatAlert Suite added to your existing Varonis environment you can…



Azure AD authentication methods, MFA and SSPR insights and reports

We’ve been rolling out MFA (Multi-Factor authentication) and SSPR (Self-Service Password Reset) for many customers last couple of years. It often takes time and requires preparations but done right it will succeed and once finished they users get used to it just as they get used logging in using MFA to their bank. During the…



ClickOnce application suddenly blocked by AppLocker Group Policy

INTRODUCTION With the release of the Windows 7 and corresponding server operating system, the AppLocker technology has become a quintessential tool for system administrators to utilize. Thanks to it, administrators can restrict or allow end-users to run certain applications based on its publisher value, file path or even its unique file hash, all within an…



Java SE license change – How does it affect me and my organization?

Under 2018 Oracle released some big and important news regarding the future of Java SE. The big news is that Java SE requires a payed subscription in order to update the software, this change came into effect on the first on January 2019. In this article I’ll try to explain this new subscription change and…



Security Fest 2019

This year’s amazing conference Security Fest has now come to an end. Me and my colleague Sebastian had two really great days where we both have learned a lot and got new inspiration. Picture from Shira Shamban’s talk – “Your internet is down? It’s cyber warfare, stupid” Christoffer Jerkeby – Load Balancer with RCE, Hacking…



The best features in Varonis 7.4

The new big update to Varonis (7.4) was released about an month ago. Now after I have been upgrading and using it for a while I’m starting to get a feeling for the new features and it feels like a great time to talk a bit about the great features that were released. The first…