Susan Bradley
Contributing Writer
Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Windows Secrets, is a moderator on the PatchManagement.org listserve and SBS2k, and was one of the authors of Windows Server 2008 Security Resource Kit. . In real life she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, an Exchange Server, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at www.sbsdiva.com and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.
How to prepare for the Microsoft Windows 10 1903 security feature update
Microsoft is changing the way it does Windows 10 feature updates, and that will affect how you schedule update deferrals. Here's what you need to know.
How to time-sync Windows systems
Incorrect time on a Windows device or server can prevent security updates or user authentication, and it can interfere with a forensics investigation.
How to audit Windows Task Scheduler for cyber-attack activity
Two recently discovered Windows zero-day attacks underscore the importance of monitoring for unauthorized tasks.
Windows security updates that require new registry keys
Don't assume automated Windows security updates are complete. You might need to add registry keys manually. Here are a few to check now.
How to protect against poor Windows password practices
Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.
How to install PowerShell 5 on Windows 7
Have older Windows systems on your network? You can give them PowerShell 5's event logging capabilities even if they run Windows 7.
How to update Windows 10 for side channel vulnerability fixes
Since Spectre and Meltdown were discovered in 2018, other side channel vulnerabilities have emerged. These are the mitigations to consider for each of them.
How to identify, prevent and remove rootkits in Windows 10
Rootkits are among the most difficult malware to detect and remove. Now, new variations are targeting Windows 10 systems. Use this advice to protect yourself from them.
How to prevent and recover from an APT attack through a managed service provider
Threat actors are compromising their targeted victims through managed service providers (MSPs). These are the steps to take to minimize your exposure and to recover from these attacks if necessary.
How to harden Windows 10 workstations and servers: Disable SMB v1
Early versions of Server Message Block are still present on many Windows networks and devices, leaving them open to attack. Here's how to detect and disable them.
How to defend Office 365 from spear-phishing attacks
A recent successful zero-day Flash attack began with a spear-phishing email. These Windows 10 and Office 365 settings could have prevented it.
Center for Internet Security releases Microsoft 365 benchmarks
Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization.
How to enable audit logs in Microsoft Office 365
Audit logging of Office 365 mail reads makes forensics investigations of attacks much easier. Here's how to make sure it's enabled.
Best resources for setting up Microsoft Office 365 security
Office 365 presents admins with many choices and options. These information sources, online forums and script repositories can help you make the right decisions.
How to set Microsoft Office 365 ATP policies to block malicious URLs
Windows Advanced Threat Protection allows admins to set link filters for email messages and attachments in Outlook.
How to set up data loss prevention rules in Microsoft Office 365
Most data leakage occurs via emai. Set Office 365 DLP policies to stop sensitive data from leaving your organization.
How to set up multifactor authentication for Office 365 users
Requiring MFA for some or all Microsoft Office 365 users will better protect your network and email system from attacks.
How to stop malicious email forwarding in Outlook
Microsoft Office 365 administrators can use these settings to find and delete hidden rules attackers use to intercept Outlook email messages.
