user access Archives

Winsage

March 31, 2025

You Can Get Windows 11 Pro on Sale for A$23 Right Now

Windows 11 Pro is currently available for a reduced price of A, down from A5, allowing upgrades for two compatible PCs. The activation code introduces features such as Windows Copilot, powered by GPT-4, and includes functionalities like Remote Desktop, BitLocker Device Encryption, Azure AD, Hyper-V, Assigned Access, and Windows Sandbox. Minimum system requirements are 4GB of RAM and 64GB of available storage.

Winsage

March 25, 2025

How To Secure Windows on a Mid-Sized Business Budget

Access provides advice on IT challenges, career transitions, and workplace dynamics. A mid-sized company faced a ransomware scare due to a user opening a malicious attachment but recovered data without paying the ransom. To enhance security in a Windows environment on a limited budget, the following steps are recommended: 1. Evaluate data storage by centralizing it on servers rather than individual workstations to improve security and simplify backups. 2. Implement the principle of Least Privilege Access, limiting user access to only necessary resources to reduce potential damage during attacks. 3. Utilize Microsoft's AppLocker to control which applications can run on Windows desktops, blocking unauthorized software. 4. Set up a ransomware kill switch using a custom PowerShell script to monitor for suspicious activities and trigger defensive actions if ransomware is detected.

Winsage

March 17, 2025

You Can Get Windows 11 Pro on Sale for A$23 Right Now

Windows 11 Pro is currently available for a reduced price of A, down from A6, allowing users to upgrade two compatible PCs. The Pro version includes features such as Remote Desktop, BitLocker Device Encryption, Azure AD, Hyper-V, Assigned Access, and Windows Sandbox. The system requirements for optimal performance are a minimum of 4GB of RAM and 64GB of available storage. This promotional pricing is available on platforms like StackSocial and may change without notice.

Winsage

March 3, 2025

You Can Get Windows 11 Pro on Sale for A$24 Right Now

Windows 11 Pro is currently available for A, reduced from its regular price of A9. The activation code allows upgrades on two compatible PCs and provides access to features such as a revamped user interface and Windows Copilot, which uses an advanced version of GPT-4. Key functionalities of Windows 11 Pro include Remote Desktop, BitLocker Device Encryption, Azure AD integration, Hyper-V for virtual machines, Assigned Access for application restriction, and Windows Sandbox for secure application testing. The system requirements for Windows 11 Pro are a minimum of 4GB of RAM and 64GB of available storage. The offer is available through StackSocial and may change at any moment.

Tech Optimizer

February 28, 2025

How to prevent Windows from installing unauthorised programs

Windows provides tools to enhance security, including the ability to implement a whitelist for applications. Administrators can configure this whitelist using the Local Security Policy tool in Windows Pro and Enterprise versions, or via command prompt in Windows Home. The Applocker feature, available since Windows 10 build 1809, allows for the creation of whitelists and blacklists. Setting up a whitelist involves navigating to Application Control Policies and creating rules for allowed applications, with options to use default rules provided by Microsoft. To set up the Applocker whitelist, users must open Local Security Policy, access AppLocker, and manage executable files through "Executable rules." Administrators can identify applications by file hash or path, with file hash being more secure. The Application Identity service must be activated for Applocker to function, which can be done through the services menu. Unauthorized applications will be blocked, and restarting Windows can resolve any issues with the service. Cyberlock is mentioned as an alternative to Applocker, offering advanced features and requiring a paid license after a trial. Windows also includes Smart App Control to monitor user behavior and restrict installations to verified applications. Kiosk mode can be configured to allow only one application to run, suitable for specific environments. Windows Home users can access the Local Security Policy tool through command prompt integration.

Tech Optimizer

February 15, 2025

Simplify database authentication management with the Amazon Aurora PostgreSQL pg_ad_mapping extension

Authentication is essential for security in enterprise environments, protecting sensitive data and resources from unauthorized access. Kerberos authentication is utilized for Amazon Aurora PostgreSQL-Compatible Edition with AWS Directory Service for Microsoft Active Directory, particularly through the pg_ad_mapping extension, which enhances access control management. Aurora PostgreSQL supports multiple authentication methods, including password authentication, AWS Identity and Access Management (IAM) database authentication, and Kerberos authentication. By default, password authentication is enabled, while IAM and Kerberos can be used independently. Users are assigned specific roles based on the authentication method: rds_iam for IAM, rds_ad for Kerberos, and no specific roles for password authentication. Kerberos authentication integrates with Microsoft Active Directory, allowing centralized authentication and single sign-on (SSO) capabilities. With versions 14.10 and 15.5, Aurora PostgreSQL introduced the pg_ad_mapping extension, which allows administrators to manage access through Active Directory (AD) security groups instead of provisioning individual users. This extension checks AD group memberships upon user login and assigns corresponding database roles, prioritizing roles based on assigned weights. The pg_ad_mapping extension includes functions such as pgadmap_set_mapping to add mappings between AD security groups and database roles, pgadmap_read_mapping to list existing mappings, and pgadmap_reset_mapping to delete or reset mappings. To deploy the solution, a CloudFormation stack is used to create necessary resources, including an AWS Managed Microsoft AD server, an Aurora PostgreSQL database cluster, and a Windows EC2 instance. Users can be added to AD groups, and roles can be mapped to facilitate access management. Security best practices for Aurora PostgreSQL include using IAM policies for resource management, implementing security groups for database access control, utilizing encryption for data protection, and employing Transport Layer Security (TLS) for secure connections. For auditing, the pg_stat_gssapi view can be used to identify authenticated users, and enabling the log_connections parameter will log session establishments, including AD user identities.

AppWizard

February 10, 2025

TikTok Offers Workaround for Android Users To Download the App

TikTok has created Android download kits for TikTok and TikTok Lite to allow users to access the platform despite its absence from US app stores. Users can download the app by visiting TikTok.com/Download, enabling sideloading, which is the installation of apps from outside official app stores. Certain features, like Live streaming and TikTok Shop, are not available. TikTok has not returned to Google Play or the Apple App Store since its removal on January 19 and is implementing security measures for its Android Package Kits. Political concerns about TikTok's ties to China have led to discussions about a potential ban and interest from various figures in acquiring the platform.

Tech Optimizer

February 8, 2025

New Attack Technique to Bypassing EDR as Low Privileged Standard User

A new cyberattack technique allows attackers to bypass Endpoint Detection and Response (EDR) systems while using low-privileged standard user accounts. This method utilizes masquerading and path obfuscation to disguise malicious payloads as legitimate processes, misleading detection systems and analysts. Process creation events are crucial for identifying threats, with tools like Sysmon logging detailed information about process execution. Attackers can manipulate file paths to evade restrictions on placing payloads in protected directories. They create folders that mimic legitimate antivirus software paths using Unicode characters to resemble spaces. For example, a folder may be named C:Program[U+2000]Files, allowing the attacker to introduce their payload (SuperJuicy.exe) without raising alarms. The execution of the payload results in logs that appear legitimate, complicating detection efforts. This technique poses challenges for EDR systems, including confusion in log analysis, deceptive attribution to legitimate software, and prolonged dwell time for malicious payloads. Defensive strategies include enhanced logging rules to flag Unicode characters, adjusting log viewers to display these characters, and restricting folder creation permissions for standard users.

Winsage

February 6, 2025

You Can Get Windows 11 Pro on Sale for A$31 Right Now

Windows 11 Pro is currently available for a reduced price of A, down from A8. The activation code allows users to upgrade two compatible PCs and access features such as a revamped user interface and Windows Copilot, an intelligent assistant powered by GPT-4. The Pro version includes advanced features like Remote Desktop, BitLocker Device Encryption, Azure AD integration, Hyper-V virtualization, Assigned Access, and Windows Sandbox. Minimum system requirements are 4GB of RAM and 64GB of available storage. Availability and pricing on StackSocial may change.

Winsage

December 16, 2024

“Reinventing the Wheel: New Computing Concepts Using Windows NT Architecture and PowerShell”

The Windows NT architecture continues to support a significant portion of global IT infrastructure, with millions of installations across Windows Server, Windows 10, and Windows 11. It can be leveraged alongside modern PowerShell techniques to create next-generation computing solutions. A secure and distributed file system can be implemented using Windows NT's Distributed File System (DFS) with encryption capabilities through PowerShell scripts. This allows organizations to create a secure, fault-tolerant file-sharing mechanism. PowerShell scripts can also be used to establish a real-time health monitoring dashboard that aggregates data from event logs, system performance counters, and custom triggers, enabling system administrators to swiftly identify failures and monitor system health. Automating patch management can be achieved through PowerShell by utilizing Windows Update Services (WSUS) to streamline the detection of missing updates, apply patches, and audit systems for compliance. PowerShell can enhance identity and access management (IAM) processes by automating compliance and monitoring permissions, ensuring continuous auditing of user access rights and adherence to corporate policies.