

Susan Bradley
Contributing Writer
Susan Bradley has been patching since before the Code Red/Nimda days and remembers exactly where she was when SQL slammer hit (trying to buy something on eBay and wondering why the Internet was so slow). She writes the Patch Watch column for Askwoody.com, is a moderator on the PatchManagement.org listserve, and writes a column of Windows security tips for CSOonline.com. In real life, she’s the IT wrangler at her firm, Tamiyasu, Smith, Horn and Braun, where she manages a fleet of Windows servers, Microsoft 365 deployments, Azure instances, desktops, a few Macs, several iPads, a few Surface devices, several iPhones and tries to keep patches up to date on all of them. In addition, she provides forensic computer investigations for the litigation consulting arm of the firm. She blogs at https://www.askwoody.com/tag/patch-lady-posts/ and is on twitter at @sbsdiva. She lurks on Twitter and Facebook, so if you are on Facebook with her, she really did read what you posted. She has a SANS/GSEC certification in security and prefers Heavy Duty Reynolds wrap for her tinfoil hat.


Microsoft 365 Apps update changes: What security admins need to know
Microsoft has renamed its Office 365 update channels and added options. You might have to make changes in your configuration and deployment tools.

Skipped patch from 2012 makes old Microsoft Office systems a favored target
Some organizations have still not implemented an Office patch from 2012. Attackers know this and are exploiting the vulnerability.

How to use Microsoft Sysmon, Azure Sentinel to log security events
Microsoft's Sysmon and Azure Sentinel are easy and inexpensive ways to log events on your network. Here's how to get started with them.

How to protect Office 365 from coronavirus-themed threats
Microsoft's new Office 365 security defaults and OAuth 2.0 support will help meet new US government recommendations to thwart COVID-related attacks, Make sure they are properly implemented.

9 tips to detect and prevent web shell attacks on Windows networks
Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk.

4 tips for protecting users from COVID-19-targeted attacks
Remote users in particular are vulnerable to coronavirus-themed phishing attempts, malicious domains, and repurposed malware. Protect them with these basic steps.

How to minimize the risks of split tunnel VPNs
Split tunnel virtual private networks have some advantages for supporting remote workers connecting to a Windows network, but they come with risks. Here's how to best protect your network.

How to check your Windows network for vulnerabilities
If you've made significant changes to your network to support remote workers, it's time to review what you've done to make sure everything is locked down.

How to lock down Remote Desktop Protocol servers
Make sure you've made all the proper settings to secure remote desktop protocol (RDP) to best protect your Windows network when supporting remote workers.

8 key security considerations for protecting remote workers
Many security and IT teams suddenly have to support and protect employees who must work remotely due to the COVID-19 crisis. Make sure you cover these areas.

Microsoft Threat Protection: What security and IT admins need to know
Microsoft Threat Protection can protect Windows systems and Office 365 users on many levels, but licensing requirements can be confusing.

How to prepare Microsoft Office and Windows for ransomware and email attacks
You've set up your remote workers during this COVID-19 crisis, but have you made the adjustments to be prepared for a cyber disaster like a ransomware attack?

Securing Windows and Office in a time of COVID-19: update policies, remote options
Delayed updates and a rush to support remote workers have forced IT and security teams to scramble. This information and advice will help them better deal with the crisis.

How to prevent attackers from using Windows against you
Attackers use standard Microsoft components such as DLLs or PowerShell to avoid detection. These tips will make such "living off the land" attacks harder to execute.

Do you trust your admins? 5 tips to manage administrator access
The access rights that internal and external network admins possess carry the potential for abuse and errors that can expose systems and data. These practices can help avoid that.

How to prevent scripting attacks in Microsoft Office
The rise in phishing attempts requires another look at your Microsoft Office settings to minimize the risk of a user executing a malicious script.

How to set up your network to prevent data loss
Critical data is at risk from both insider and external threats. Here's how to configure your Windows network for data loss prevention (DLP).

How to fight hidden malware on Windows networks
Attackers are more clever about how they hide malicious files. Countering that starts with knowing what services belong on your network.

5 steps to avoid credential dumping attacks
Use these five techniques on your Windows network to find and limit risk from vulnerabilities that make your organization vulnerable to credential dumping attacks.
-
Analyst Report
Sponsored -
Video/Webcast
Sponsored -
White Paper
-
eBook
Sponsored -
Case Study
Sponsored