The GYTPOL Gazette

It’s been a while since FireEye first announced that they were victim of the now infamous SolarWinds Supply Chain Attack. It's gone down in history as one of the most sophisticated and far r...

Managing configurations, patching, and updating system controls is one of the most notably difficult things that any CISO has to deal with. But it is one of the most critical to manage, as a...

Most often I have found that the issue of addressing the problem is more pressing than simply identifying the threat. We have a massive, multi billion dollar, industry dedicated solely to “s...

By definition, a vulnerability is something, anything that an attacker can target and exploit in order to access an application or environment, or possibly a user.

Do threats against your Active Directory keep you up at night? Honestly, they should. Active Directory is critical as it controls access to your systems and data.

Albert Einstein once said, “If I were given one hour to save the planet, I would spend 59 minutes defining the problem and one minute resolving it.”

Odds are you have heard the wisdom that a defense is only as good as its weakest point. Which makes sense. After all, any strong defensive posture can only hold up if there are no fail point...

In the modern Microsoft environment, NTLM (“NT Lan Manager”) is a security threat you should keep an eye on. Especially when it’s about the cloud environment, Microsoft warns you to deny it ...

Attacks are becoming more sophisticated, hackers are becoming smarter, and so should be the defenders. The attacker eyeing your organization is looking for the misconfiguration that will let...

In my previous article I wrote about the importance of monitoring all endpoints in the organization for the existence of cached credentials. In this post, I'm going to explain what you can d...