Hardening Windows Servers

Some quick tips on securing Windows Servers, especially on the latest version which is Windows Server 2019.

  1. Of course, the most important is to keep the operating system updated with the latest patches.
  2. Install only the essential components through the Windows Server Core.
  3. Secure the administrator account. Rename it to something else, and of course use a complex password.
  4. Make sure server sync time with NTP all the time.
  5. Use a good firewall and antivirus.
  6. Secure RDP. Make sure it is not open to the internet. To prevent unauthorized access, change the default port, and restrict the RDP access to a specific IP address, if any.
  7. Enable BitLocker.
  8. Use Microsoft Baseline Security Analyzer.
  9. Configure Log Monitoring and Disable Unnecessary Network Ports.

That is all for now. Good luck.

Beware – that email from HR might be a cyber scam

Remote workers are being targeted by a wide-ranging new online scam looking to steal business logins.

Researchers at security firm Cofense have uncovered a phishing campaign masquerading as emails from HR departments.

The scam targets employees who are still getting used to working from home, tricking them into giving away credentials such as login details through fake remote working enrollment forms.

Continue reading…

Protect yourself from Ransomware

Ransomware is still making headlines these days. Variant improved versions are still looking for its victims. 

Btw, ransomware is a type of malware that prevents users from accessing their system or personal files and demands ransom payment in order to regain access. Quick tips to avoid from become a victim of ransomware :

1. Backup Your Systems, Locally & In the Cloud
2. Install Anti Malware or Ransomware software
3. Constantly Apply Software and OS patches
4. Run Frequent Scheduled Security Scans
5. Create Restore and Recovery Points
6. Think Before Clicking any email
7. Set Up View-able File Extensions
8. Block Unknown Email Addresses and Attachments on Your Mail Server
9. Block Vulnerable Plug-Ins
10. Constantly Train & Educate your Employees

There’s no 100% way to prevent ransomware, but every step you take that gets you closer to being unaffected is a good step to take.

Setup phishing website

Phishing is a form of social engineering where a criminal hacker tries to trick the user into clicking a malicious link or downloading an infected attachment or divulging sensitive or confidential information.

The goal is to steal sensitive data like credit card and login information, or to install malware on the victim’s machine.

Continue reading…