Major Vulnerability in Microsoft DNS Needs Action

Microsoft announced a major vulnerability on July 14, 2020, in its Domain Name System (DNS) service component of Windows Server. The issue is documented as CVE-2020-1350 and is rated at the highest possible level of 10 out of 10. Descriptions of the security flaw state that it is ‘wormable’, which means it can be automated […]

Working with Law Enforcement During a Breach

We have a team of Digital Forensics and Incident Response (DFIR) experts here at Lodestone Security working daily with organizations that have fallen victim to a cyber attack. During our investigation, clients ask a lot of common questions. In this post, I am sharing some of the common questions about working with authorities, and our […]

What is MFA?

Let’s get the acronym out of the way so we are all on the same page – Multi-Factor Authentication (MFA). As a part of an overall Identity and Access Management (IAM) program, MFA has a couple other names that mean essentially the same thing: Two Factor Authentication (2FA), Two-Step Verification. We prefer to use the […]

Properly Securing Microsoft’s Remote Desktop Gateway

The Challenge of Securing Microsoft’s Remote Access Solutions For decades, Microsoft’s Remote Desktop Protocol (RDP) has been used to connect to Windows computers remotely. We covered in detail many of the reasons that RDP itself presents such a high risk when exposed directly to the internet. Microsoft provided a solution to the numerous RDP-related security […]

Remote Desktop Protocol: A Virtual Open Door?

What is Remote Desktop Protocol? Remote Desktop Protocol (RDP) is arguably the most prolific remote access tool in use today. As its name indicates, RDP defines how server and client components communicate in order to provide a graphical interface from one computer to another “remote” computer. Microsoft includes RDP functionality with most versions of its […]

How can we improve the security of our video conferencing?

Improving Video Conferencing Security Video conferencing platforms are a great way to enable communication and collaboration during these uncertain and unusual times. As more organizations and individuals turn to these platforms, malicious minded people take notice and look for ways to exploit it. Some platforms are seeing more popularity in both usage and attacks; in […]

Securing Your Remote Workforce

Tips for Securing Your Remote Workforce The trend toward working remotely has been increasing for the past 20 years. The Corona Virus or Covid-19, the emergence of 5G, the transition to the cloud, and new technological capabilities for the remote worker has turned the trend parabolic. Over 5 million employees worked exclusively from a home […]